www.bleepingcomputer.com Open in urlscan Pro
104.20.185.56 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.bleepingcomputer.com/news/security/proofpoint-settings-exploited-to-send-millions-of-phishing-emails-daily/
Submission: On July 29 via api (July 29th 2024, 2:34:42 pm UTC) from DE — Scanned from CA

Summary HTTP 129 Redirects Behaviour Indicators

Summary

This website contacted 30 IPs in 4 countries across 57 domains to perform 129 HTTP transactions. The main IP is 104.20.185.56, located in and belongs to CLOUDFLARENET, US. The main domain is www.bleepingcomputer.com. The Cisco Umbrella rank of the primary domain is 112125.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 2nd 2024. Valid for: a year.

This is the only time www.bleepingcomputer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.20.185.56 104.20.185.56	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4004:c06::5f	15169 (GOOGLE) (GOOGLE)
35	172.67.75.139 172.67.75.139	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	104.18.20.206 104.18.20.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:400d:c04::61	15169 (GOOGLE) (GOOGLE)
2 2	142.251.16.106 142.251.16.106	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c1d::5e	15169 (GOOGLE) (GOOGLE)
3	142.251.111.155 142.251.111.155	15169 (GOOGLE) (GOOGLE)
1 40	172.64.146.152 172.64.146.152	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.160.18.26 18.160.18.26	16509 (AMAZON-02) (AMAZON-02)
1	18.160.46.104 18.160.46.104	16509 (AMAZON-02) (AMAZON-02)
4	2607:f8b0:400... 2607:f8b0:4004:c06::5e	15169 (GOOGLE) (GOOGLE)
3	34.160.152.31 34.160.152.31	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	64.233.180.149 64.233.180.149	15169 (GOOGLE) (GOOGLE)
1	23.52.9.200 23.52.9.200	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2607:f8b0:400... 2607:f8b0:400d:c07::65	15169 (GOOGLE) (GOOGLE)
1	18.160.46.100 18.160.46.100	16509 (AMAZON-02) (AMAZON-02)
2	34.111.152.239 34.111.152.239	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	172.253.62.154 172.253.62.154	15169 (GOOGLE) (GOOGLE)
2	18.189.4.224 18.189.4.224	16509 (AMAZON-02) (AMAZON-02)
1	209.85.232.156 209.85.232.156	15169 (GOOGLE) (GOOGLE)
1	104.18.20.97 104.18.20.97	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:20:... 2606:4700:20::ac43:4acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	2606:4700:10:... 2606:4700:10::6816:4ad8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	54.161.99.197 54.161.99.197	14618 (AMAZON-AES) (AMAZON-AES)
2 2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:112:f008... 2620:112:f008:200::101	26120 (RHYTHMONE) (RHYTHMONE)
2 2	52.223.22.214 52.223.22.214	16509 (AMAZON-02) (AMAZON-02)
2 2	68.67.179.153 68.67.179.153	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	69.194.240.13 69.194.240.13	26120 (RHYTHMONE) (RHYTHMONE)
1 1	216.22.16.69 216.22.16.69	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
1	185.167.164.52 185.167.164.52	198622 (ADFORM) (ADFORM)
1	23.221.241.11 23.221.241.11	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	54.211.213.240 54.211.213.240	14618 (AMAZON-AES) (AMAZON-AES)
1 1	198.148.27.131 198.148.27.131	19189 (PULSEPOINT) (PULSEPOINT)
1 1	2600:9000:220... 2600:9000:2209:a000:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	2607:f350:3:2... 2607:f350:3:2569:0:10:0:d	27630 (AS-XFERNET) (AS-XFERNET)
1 1	35.214.138.214 35.214.138.214	15169 (GOOGLE) (GOOGLE)
3 3	35.211.178.172 35.211.178.172	19527 (GOOGLE-2) (GOOGLE-2)
2 2	35.207.24.140 35.207.24.140	15169 (GOOGLE) (GOOGLE)
1 1	155.204.117.1 155.204.117.1	15830 (EQUINIX) (EQUINIX)
2 2	34.36.216.150 34.36.216.150	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	34.198.44.255 34.198.44.255	14618 (AMAZON-AES) (AMAZON-AES)
2 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	98.80.23.94 98.80.23.94	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2600:1f18:612... 2600:1f18:612b:4280:8a90:fc1e:350:edd4	14618 (AMAZON-AES) (AMAZON-AES)
1 1	63.251.28.210 63.251.28.210	13789 (INTERNAP-...) (INTERNAP-BLK3)
1	54.243.167.211 54.243.167.211	14618 (AMAZON-AES) (AMAZON-AES)
1 1	143.244.222.249 143.244.222.249	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	18.160.46.59 18.160.46.59	16509 (AMAZON-02) (AMAZON-02)
2 2	44.195.70.202 44.195.70.202	14618 (AMAZON-AES) (AMAZON-AES)
1 1	52.7.10.111 52.7.10.111	14618 (AMAZON-AES) (AMAZON-AES)
1	130.211.23.194 130.211.23.194	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2606:4700:20:... 2606:4700:20::681a:346	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	107.23.203.136 107.23.203.136	14618 (AMAZON-AES) (AMAZON-AES)
129	30

1 104.20.185.56 (None, )

ASN13335 (CLOUDFLARENET, US)

www.bleepingcomputer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 172.67.75.139 (United States)

ASN13335 (CLOUDFLARENET, US)

www.bleepstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.20.206 (None, )

ASN13335 (CLOUDFLARENET, US)

a.pub.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c04::61 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.16.106 (Farmingdale, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: bl-in-f106.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1d::5e (Washington, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.111.155 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f155.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 172.64.146.152 (San Francisco, United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ins.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cks.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.18.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-18-26.iad12.r.cloudfront.net

ecdn.analysis.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.46.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-46-104.iad55.r.cloudfront.net

ecdn.firstimpression.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c06::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.160.152.31 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 31.152.160.34.bc.googleusercontent.com

d.pub.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.pub.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.180.149 (United States)

ASN15169 (GOOGLE, US)
PTR: on-in-f149.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.52.9.200 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-9-200.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c07::65 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.46.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-46-100.iad55.r.cloudfront.net

cdn.firstimpression.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.152.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.152.111.34.bc.googleusercontent.com

optimise.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.62.154 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f154.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.189.4.224 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-189-4-224.us-east-2.compute.amazonaws.com

tag.escalated.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.85.232.156 (United States)

ASN15169 (GOOGLE, US)
PTR: qt-in-f156.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.20.97 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.confiant-integrations.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4acf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

freestar-io.videoplayerhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:4ad8 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.36.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.161.99.197 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-161-99-197.compute-1.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:112:f008:200::101 (United States) 1 redirects

ASN26120 (RHYTHMONE, US)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.22.214 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.179.153 (North Bergen, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.194.240.13 (United States) 1 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.22.16.69 (Manassas, United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.167.164.52 (Denmark)

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.221.241.11 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-221-241-11.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.211.213.240 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-211-213-240.compute-1.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.131 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2209:a000:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

i.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f350:3:2569:0:10:0:d (United States) 1 redirects

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.138.214 (Groningen, Netherlands) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 214.138.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.211.178.172 (North Charleston, United States) 3 redirects

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.207.24.140 (North Charleston, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 155.204.117.1 (Ashburn, United States) 1 redirects

ASN15830 (EQUINIX, NL)

openrtb-us-east-1.axonix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.36.216.150 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 150.216.36.34.bc.googleusercontent.com

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.198.44.255 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-198-44-255.compute-1.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.80.23.94 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-98-80-23-94.compute-1.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4280:8a90:fc1e:350:edd4 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

connatix-supply-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.251.28.210 (Secaucus, United States) 1 redirects

ASN13789 (INTERNAP-BLK3, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.243.167.211 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-167-211.compute-1.amazonaws.com

cs-server-s2s.yellowblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.244.222.249 (Clifton, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

sync.resetdigital.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.46.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-46-59.iad55.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.195.70.202 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-195-70-202.compute-1.amazonaws.com

vop.sundaysky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.7.10.111 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-10-111.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:346 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.23.203.136 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-203-136.compute-1.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	connatix.com 1 redirects cd.connatix.com — Cisco Umbrella Rank: 5212 cds.connatix.com — Cisco Umbrella Rank: 5372 capi.connatix.com — Cisco Umbrella Rank: 1317 ins.connatix.com — Cisco Umbrella Rank: 7637 cks.connatix.com — Cisco Umbrella Rank: 8757 vid.connatix.com Failed	404 KB
35	bleepstatic.com www.bleepstatic.com — Cisco Umbrella Rank: 220141	760 KB
8	pub.network a.pub.network — Cisco Umbrella Rank: 7353 d.pub.network — Cisco Umbrella Rank: 7910 c.pub.network — Cisco Umbrella Rank: 7429	375 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	69 KB
4	crwdcntrl.net 2 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 1261 tags.crwdcntrl.net — Cisco Umbrella Rank: 1256 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1296	14 KB
4	btloader.com 1 redirects btloader.com — Cisco Umbrella Rank: 1573 api.btloader.com — Cisco Umbrella Rank: 1813	19 KB
4	doubleclick.net ad.doubleclick.net — Cisco Umbrella Rank: 210 googleads.g.doubleclick.net — Cisco Umbrella Rank: 77 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 280 cm.g.doubleclick.net Failed	31 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 499	2 KB
3	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 157	195 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1603	1 KB
2	sundaysky.com 2 redirects vop.sundaysky.com — Cisco Umbrella Rank: 4409	1 KB
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 646	1 KB
2	sitescout.com 2 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 1117	1 KB
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com — Cisco Umbrella Rank: 1480	901 B
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 764	2 KB
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 632	1 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 505	1 KB
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 1026	1 KB
2	casalemedia.com 2 redirects ssum.casalemedia.com — Cisco Umbrella Rank: 2139	2 KB
2	escalated.io tag.escalated.io — Cisco Umbrella Rank: 76750	26 KB
2	optimise.net optimise.net — Cisco Umbrella Rank: 8494	6 KB
2	firstimpression.io ecdn.firstimpression.io — Cisco Umbrella Rank: 40554 cdn.firstimpression.io — Cisco Umbrella Rank: 39023	101 KB
2	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 10	19 B
1	ipredictive.com 1 redirects sync.ipredictive.com — Cisco Umbrella Rank: 1383	522 B
1	resetdigital.co 1 redirects sync.resetdigital.co — Cisco Umbrella Rank: 3523	418 B
1	yellowblue.io cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 2901
1	stickyadstv.com 1 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 969	592 B
1	tremorhub.com 1 redirects connatix-supply-partners.tremorhub.com — Cisco Umbrella Rank: 22171	426 B
1	yieldmo.com 1 redirects ads.yieldmo.com — Cisco Umbrella Rank: 952	531 B
1	axonix.com 1 redirects openrtb-us-east-1.axonix.com — Cisco Umbrella Rank: 6911	618 B
1	loopme.me 1 redirects csync.loopme.me — Cisco Umbrella Rank: 1333	279 B
1	sonobi.com 1 redirects sync.go.sonobi.com — Cisco Umbrella Rank: 1537	682 B
1	ctnsnet.com 1 redirects i.ctnsnet.com — Cisco Umbrella Rank: 16440	440 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 1043	467 B
1	contextweb.com 1 redirects bh.contextweb.com — Cisco Umbrella Rank: 1077	1 KB
1	sharethrough.com 1 redirects match.sharethrough.com — Cisco Umbrella Rank: 804	339 B
1	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 855
1	adform.net c1.adform.net — Cisco Umbrella Rank: 1001	521 B
1	smartadserver.com 1 redirects ssbsync.smartadserver.com — Cisco Umbrella Rank: 1165	348 B
1	1rx.io 1 redirects sync.1rx.io — Cisco Umbrella Rank: 741	239 B
1	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 1432	460 B
1	videoplayerhub.com 1 redirects freestar-io.videoplayerhub.com — Cisco Umbrella Rank: 11720	667 B
1	confiant-integrations.net cdn.confiant-integrations.net — Cisco Umbrella Rank: 2804	21 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104
1	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 2615	1 KB
1	analysis.fi ecdn.analysis.fi — Cisco Umbrella Rank: 46846	2 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	105 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110 imasdk.googleapis.com Failed	1 KB
1	bleepingcomputer.com www.bleepingcomputer.com — Cisco Umbrella Rank: 112125	16 KB
0	liadm.com Failed i.liadm.com Failed
0	intentiq.com Failed sync.intentiq.com Failed
0	colossusssp.com Failed sync.colossusssp.com Failed
0	rlcdn.com Failed id.rlcdn.com Failed
0	media.net Failed cs.media.net Failed
0	openx.net Failed us-u.openx.net Failed
0	tynt.com Failed de.tynt.com Failed
0	rubiconproject.com Failed eus.rubiconproject.com Failed
129	57

	Domain	Requested by
35	www.bleepstatic.com	www.bleepingcomputer.com www.bleepstatic.com
21	cks.connatix.com	blank
11	cds.connatix.com	cd.connatix.com cds.connatix.com
5	capi.connatix.com	1 redirects www.bleepingcomputer.com cds.connatix.com blank
5	a.pub.network	www.bleepingcomputer.com a.pub.network
4	fonts.gstatic.com	fonts.googleapis.com
3	x.bidswitch.net	3 redirects
3	btloader.com	1 redirects www.bleepingcomputer.com blank
3	pagead2.googlesyndication.com	www.bleepingcomputer.com pagead2.googlesyndication.com
2	c.pub.network	a.pub.network
2	ad-delivery.net	blank
2	vop.sundaysky.com	2 redirects
2	pixel.tapad.com	2 redirects
2	sync.crwdcntrl.net	2 redirects
2	pixel-sync.sitescout.com	2 redirects
2	rtb.mfadsrvr.com	2 redirects
2	secure.adnxs.com	2 redirects
2	eb2.3lift.com	2 redirects
2	match.adsrvr.org	2 redirects
2	match.prod.bidr.io	2 redirects
2	ssum.casalemedia.com	2 redirects
2	ins.connatix.com	cds.connatix.com
2	tag.escalated.io	ecdn.firstimpression.io tag.escalated.io
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	optimise.net	a.pub.network
2	www.gstatic.com	www.bleepingcomputer.com
2	www.google.com	2 redirects
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	api.btloader.com	freestar-io.videoplayerhub.com
1	sync.ipredictive.com	1 redirects
1	tags.crwdcntrl.net	cds.connatix.com
1	sync.resetdigital.co	1 redirects
1	cs-server-s2s.yellowblue.io	cds.connatix.com
1	ads.stickyadstv.com	1 redirects
1	connatix-supply-partners.tremorhub.com	1 redirects
1	ads.yieldmo.com	1 redirects
1	openrtb-us-east-1.axonix.com	1 redirects
1	csync.loopme.me	1 redirects
1	sync.go.sonobi.com	1 redirects
1	i.ctnsnet.com	1 redirects
1	s.ad.smaato.net	1 redirects
1	bh.contextweb.com	1 redirects
1	match.sharethrough.com	1 redirects
1	ads.pubmatic.com	cds.connatix.com
1	c1.adform.net	cds.connatix.com
1	ssbsync.smartadserver.com	1 redirects
1	sync.1rx.io	1 redirects
1	ad.turn.com	1 redirects
1	freestar-io.videoplayerhub.com	1 redirects
1	cdn.confiant-integrations.net	a.pub.network
1	securepubads.g.doubleclick.net	a.pub.network
1	cdn.firstimpression.io	ecdn.firstimpression.io
1	www.google-analytics.com	www.googletagmanager.com
1	widgets.outbrain.com	www.bleepingcomputer.com
1	ad.doubleclick.net	www.bleepingcomputer.com
1	d.pub.network	www.bleepingcomputer.com
1	ecdn.firstimpression.io	www.bleepingcomputer.com
1	ecdn.analysis.fi	www.bleepingcomputer.com
1	cd.connatix.com	www.bleepingcomputer.com
1	www.googletagmanager.com	www.bleepingcomputer.com
1	fonts.googleapis.com	www.bleepingcomputer.com
1	www.bleepingcomputer.com
0	imasdk.googleapis.com Failed	cds.connatix.com
0	i.liadm.com Failed	www.bleepingcomputer.com
0	sync.intentiq.com Failed	www.bleepingcomputer.com
0	vid.connatix.com Failed	cds.connatix.com
0	sync.colossusssp.com Failed	www.bleepingcomputer.com
0	cm.g.doubleclick.net Failed	www.bleepingcomputer.com
0	id.rlcdn.com Failed	www.bleepingcomputer.com
0	cs.media.net Failed	www.bleepingcomputer.com
0	us-u.openx.net Failed	www.bleepingcomputer.com
0	de.tynt.com Failed	cds.connatix.com
0	eus.rubiconproject.com Failed	cds.connatix.com
129	73

This site contains no links.

Subject Issuer	Validity	Valid
bleepingcomputer.com Sectigo RSA Domain Validation Secure Server CA	`2024-05-02` - `2025-05-03`	a year	crt.sh
upload.video.google.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
bleepstatic.com WE1	`2024-07-12` - `2024-10-10`	3 months	crt.sh
pub.network WE1	`2024-07-21` - `2024-10-19`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
connatix.com WE1	`2024-06-27` - `2024-09-25`	3 months	crt.sh
analysis.fi Amazon RSA 2048 M01	`2023-10-04` - `2024-10-31`	a year	crt.sh
*.firstimpression.io Sectigo RSA Domain Validation Secure Server CA	`2023-11-28` - `2024-12-05`	a year	crt.sh
*.gstatic.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
d.pub.network WR3	`2024-07-17` - `2024-10-15`	3 months	crt.sh
*.doubleclick.net WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-14` - `2024-12-14`	a year	crt.sh
optimise.net WR3	`2024-07-12` - `2024-10-10`	3 months	crt.sh
*.escalated.io Amazon RSA 2048 M02	`2024-03-24` - `2025-04-23`	a year	crt.sh
confiant-integrations.net WE1	`2024-07-12` - `2024-10-10`	3 months	crt.sh
ins.connatix.com WE1	`2024-06-15` - `2024-09-13`	3 months	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-26` - `2024-11-26`	a year	crt.sh
*.yellowblue.io Amazon ECDSA 256 M03	`2024-03-18` - `2025-04-16`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
api.btloader.com GTS CA 1D4	`2024-06-04` - `2024-09-02`	3 months	crt.sh
ad-delivery.net WE1	`2024-07-15` - `2024-10-13`	3 months	crt.sh
c.pub.network WR3	`2024-07-14` - `2024-10-12`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://www.bleepingcomputer.com/news/security/proofpoint-settings-exploited-to-send-millions-of-phishing-emails-daily/
Frame ID: CCFA1F6F2CAAF6C3A24FEEE11E56C854
Requests: 100 HTTP requests in this frame

Frame: https://cd.connatix.com/connatix.playspace.js
Frame ID: B8BF12BF2CBBD48734BEF143E9BDFBF9
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240724/r20110914/zrt_lookup_fy2021.html
Frame ID: 4BC074F4E0D02C24E87D325A6C9E36E0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&adk=1812271804&adf=3025194257&abgtt=1&lmt=1722261118&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fproofpoint-settings-exploited-to-send-millions-of-phishing-emails-daily%2F&pra=7&wgl=1&easpi=0&aihb=0&asro=0&ailel=27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aiael=27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aifxl=27_9~30_19&aiixl=27_3~30_6&aslmct=0.7&asamct=0.7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1722263647457&bpp=2&bdt=524&idt=306&shv=r20240724&mjsv=m202407240101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=519133147969&frm=20&pv=2&ga_vid=1696872600.1722263648&ga_sid=1722263648&ga_hid=1431518972&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531513%2C44795922%2C95334526%2C95334828%2C95337868%2C95338263%2C31085601%2C95336521%2C95336266%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2152050457257817&tmod=600057823&uas=0&nvt=1&fsapi=1&fc=896&brdim=1430%2C1170%2C1430%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=333
Frame ID: D4FB9188483316A2373C4B77643A9E52
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east&gdpr=0
Frame ID: C483A7F3D4FE2BAD5C4BC0EFB704F4C9
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3D78df222c951d49d285835a54b03a47fb%26DemandPartnerName%3D_33Across%26tier%3D1%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0
Frame ID: 52611ABA4B864E9F07DA5DEC43B17ABD
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156592&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D78df222c951d49d285835a54b03a47fb%26DemandPartnerName%3DPubmatic%26tier%3D1%26DemandPartnerUserId%3D&gdpr=0
Frame ID: 26CD12AC3A5E1C305B101265F1678D21
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr={gdpr}&gdpr_consent={gdpr_consent}&redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d24%26ev%3d78df222c951d49d285835a54b03a47fb%26pname%3dIronSource%26api-tier%3d1%26uid%3d{partnerId}%26direct%3D1
Frame ID: 9A7EA38412CA2CCFCD636FB3DFF439FF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

129
Requests

70 %
HTTPS

21 %
IPv6

57
Domains

73
Subdomains

30
IPs

4
Countries

2147 kB
Transfer

5875 kB
Size

64
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en HTTP 301
https://www.gstatic.com/prose/brandjs.js

Request Chain 27

https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en HTTP 301
https://www.gstatic.com/prose/brandjs.js

Request Chain 74

https://capi.connatix.com/core/sync HTTP 302
https://capi.connatix.com/core/sync?tier=1&final=true&UseUserScore=Yes&LiveIntentCnxUserId=&ImplementationType=0&ClientAb2=0

Request Chain 77

https://freestar-io.videoplayerhub.com/gallery.js HTTP 301
https://btloader.com/tag?h=freestar-io&upapi=true

Request Chain 85

https://ssum.casalemedia.com/usermatchredir?s=190549&cb=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D17%26ev%3D78df222c951d49d285835a54b03a47fb%26pname%3DIndex%26api-tier%3D1%26uid%3D&gdpr=0 HTTP 302
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D17%26ev%3D78df222c951d49d285835a54b03a47fb%26pname%3DIndex%26api-tier%3D1%26uid%3D&gdpr=0&s=190549&C=1 HTTP 302
https://cks.connatix.com/cks?pid=17&ev=78df222c951d49d285835a54b03a47fb&pname=Index&api-tier=1&uid=ZqeoYNHM6b0AAHK7AG2t4gAA%263617

Request Chain 86

https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D15%26ev%3D78df222c951d49d285835a54b03a47fb%26pname%3DBeeswax%26api-tier%3D1%26uid%3D%7Buserid%7D&gdpr=0 HTTP 303
https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D15%26ev%3D78df222c951d49d285835a54b03a47fb%26pname%3DBeeswax%26api-tier%3D1%26uid%3D%7Buserid%7D&gdpr=0&_bee_ppp=1 HTTP 303
https://cks.connatix.com/cks?pid=15&ev=78df222c951d49d285835a54b03a47fb&pname=Beeswax&api-tier=1&uid=AAB8GE7NT1EAABTTJk3Eug&gdpr=0

Request Chain 87

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gapzaid&ttd_tpi=1&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=gapzaid&ttd_tpi=1&gdpr=0 HTTP 302
https://cks.connatix.com/cks?pid=19&uid=251a112c-bbcc-4012-b6a7-76f11841de2a&ttl=1724855648

Request Chain 88

https://ad.turn.com/r/cs?pid=67&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D21%26ev%3D78df222c951d49d285835a54b03a47fb%26pname%3DAmobee%26api-tier%3D1%26uid%3D%23USER_ID%23&gdpr=0 HTTP 302
https://cks.connatix.com/cks?pid=21&ev=78df222c951d49d285835a54b03a47fb&pname=Amobee&api-tier=1&uid=2605327058621891724

Request Chain 89

https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D25%26ev%3D78df222c951d49d285835a54b03a47fb%26pname%3DTripleLift%26api-tier%3D1%26uid%3D%24UID&gdpr=0 HTTP 302
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D25%26ev%3D78df222c951d49d285835a54b03a47fb%26pname%3DTripleLift%26api-tier%3D1%26uid%3D%24UID HTTP 302
https://cks.connatix.com/cks?pid=25&ev=78df222c951d49d285835a54b03a47fb&pname=TripleLift&api-tier=1&uid=2802629442880840033773

Request Chain 90

https://secure.adnxs.com/getuid?https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D6%26ev%3D78df222c951d49d285835a54b03a47fb%26pname%3DAppNexus%26api-tier%3D1%26uid%3D%24UID=&gdpr=0 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fcks.connatix.com%252Fcks%253Fpid%253D6%2526ev%253D78df222c951d49d285835a54b03a47fb%2526pname%253DAppNexus%2526api-tier%253D1%2526uid%253D%2524UID%3D%26gdpr%3D0 HTTP 302
https://cks.connatix.com/cks?pid=6&ev=78df222c951d49d285835a54b03a47fb&pname=AppNexus&api-tier=1&uid=3654099958127343586=&gdpr=0

Request Chain 91

https://sync.1rx.io/usersync2/rmpssp?sub=connatix&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D44%26ev%3D78df222c951d49d285835a54b03a47fb%26pname%3DNexxen%26api-tier%3D1%26uid%3D%5BRX_UUID%5D&gdpr=0 HTTP 302
https://cks.connatix.com/cks?pid=44&ev=78df222c951d49d285835a54b03a47fb&pname=Nexxen&api-tier=1&uid=OPTOUT

Request Chain 92

https://ssbsync.smartadserver.com/api/sync?callerId=6&nwid=3630&gdpr=0&gdpr_consent=null&url=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d40%26ev%3d78df222c951d49d285835a54b03a47fb%26pname%3dSmartAdServer%26api-tier%3d1%26uid%3D%5Bsas_uid%5D HTTP 302
https://capi.connatix.com/us/pixel?puid=2794061429948992203&pId=40&gdpr=0&gdpr_consent=

Request Chain 94

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=19564_2&endpoint=us-east&gdpr=0 HTTP 301
https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east&gdpr=0

Request Chain 95

https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3D78df222c951d49d285835a54b03a47fb%26DemandPartnerName%3D_33Across%26tier%3D1%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0 HTTP 302
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3D78df222c951d49d285835a54b03a47fb%26DemandPartnerName%3D_33Across%26tier%3D1%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0

Request Chain 97

https://match.sharethrough.com/universal/v1?supply_id=WIMKYDH0&gdpr=0&gdpr_consent=null&redirectUri=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d45%26ev%3d78df222c951d49d285835a54b03a47fb%26pname%3dSharethrough%26api-tier%3d1%26uid%3d%7BUSER_ID%7D HTTP 302
https://cks.connatix.com/cks?pid=45&pname=Sharethrough&api-tier=1&uid=1b5bbfa8-725d-40af-b1cc-aabafab5c88e&gdpr=0&gdpr_consent=null

Request Chain 98

https://bh.contextweb.com/bh/rtset?pid=561340&daaqp=1&ev=1&rurl=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D13%26ev%3D78df222c951d49d285835a54b03a47fb%26pname%3DPulsePoint%26api-tier%3D1%26uid%3D%25%25VGUID%25%25&gdpr=0 HTTP 302
https://cks.connatix.com/cks?pid=13&ev=78df222c951d49d285835a54b03a47fb&pname=PulsePoint&api-tier=1&uid=0hqA0UpteBBf

Request Chain 99

https://s.ad.smaato.net/c/?adExInit=g&gdpr={gdpr}&gdpr_consent={gdpr_consent}&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d48%26ev%3d78df222c951d49d285835a54b03a47fb%26pname%3dSmaato%26api-tier%3d1%26uid%3D%24UID HTTP 302
https://cks.connatix.com/cks?pid=48&ev=78df222c951d49d285835a54b03a47fb&pname=Smaato&api-tier=1&uid=f7e96e2273

Request Chain 100

https://i.ctnsnet.com/int/cm?exc=24&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D28%26ev%3D78df222c951d49d285835a54b03a47fb%26pname%3DCrimtan%26api-tier%3D1%26uid%3D%5Buser_id%5D&gdpr=0 HTTP 302
https://cks.connatix.com/cks?pid=28&ev=78df222c951d49d285835a54b03a47fb&pname=Crimtan&api-tier=1&uid=8d3d07b27edf4ebbb9415e7f4e5ad4c9

Request Chain 101

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D43%26ev%3D78df222c951d49d285835a54b03a47fb%26pname%3DSonobi%26api-tier%3D1%26uid%3D%5BUID%5D&gdpr=0 HTTP 302
https://cks.connatix.com/cks?pid=43&ev=78df222c951d49d285835a54b03a47fb&pname=Sonobi&api-tier=1&uid=e2f7352b-0e20-41ab-b6e9-c845e0037d39

Request Chain 102

https://csync.loopme.me/?redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D18%26ev%3D78df222c951d49d285835a54b03a47fb%26pname%3DLoopMe%26api-tier%3D1%26uid%3D%7Bdevice_id%7D%26pubid%3D11186&gdpr=0 HTTP 307
https://cks.connatix.com/cks?pid=18&ev=78df222c951d49d285835a54b03a47fb&pname=LoopMe&api-tier=1&uid=01daf87c-d796-4535-b93f-a1c6d4eaac7a&pubid=11186&gdpr=0

Request Chain 103

https://x.bidswitch.net/sync?ssp=connatix&user_id=78df222c951d49d285835a54b03a47fb&gdpr=0 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=connatix&user_id=78df222c951d49d285835a54b03a47fb&gdpr=0 HTTP 302
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=connatix&bsw_user_id=06cb2157-fc03-459a-9f43-9fcde90cb5b7&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=connatix&bsw_user_id=06cb2157-fc03-459a-9f43-9fcde90cb5b7&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=8934d10c-0c84-4b9d-950c-692d00354be8&ssp=connatix&gdpr=0 HTTP 302
https://cks.connatix.com/cks?pid=47&ev={cnxId}&pname=BidSwitch&api-tier=1&uid=06cb2157-fc03-459a-9f43-9fcde90cb5b7&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 104

https://openrtb-us-east-1.axonix.com/syn?supply=5ce328d9-782d-464e-932e-67fa3dc4456b&uid=78df222c951d49d285835a54b03a47fb&redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D49%26ev%3D78df222c951d49d285835a54b03a47fb%26pname%3DEmodo%26api-tier%3D1%26uid%3DxxEMODO_IDxx&gdpr=0 HTTP 302
https://cks.connatix.com/cks?pid=49&ev=78df222c951d49d285835a54b03a47fb&pname=Emodo&api-tier=1&uid=f4a6392c-21dc-4a29-a3a6-a2a72937571d

Request Chain 105

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=105&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3D78df222c951d49d285835a54b03a47fb%26pname%3DCentro%26api-tier%3D1%26uid%3D%7BuserId%7D&gdpr=0 HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=105&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3D78df222c951d49d285835a54b03a47fb%26pname%3DCentro%26api-tier%3D1%26uid%3D%7BuserId%7D&gdpr=0 HTTP 302
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=f7ded83c-25bc-4228-ad08-0b74933f3176-66a7a860-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Df7ded83c-25bc-4228-ad08-0b74933f3176-66a7a860-5553%26partner_url%3Dhttps%253A%252F%252Fcks.connatix.com%252Fcks%253Fpid%253D9%2526ev%253D78df222c951d49d285835a54b03a47fb%2526pname%253DCentro%2526api-tier%253D1%2526uid%253Df7ded83c-25bc-4228-ad08-0b74933f3176-66a7a860-5553%2526gdpr%253D0 HTTP 302
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=f7ded83c-25bc-4228-ad08-0b74933f3176-66a7a860-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Df7ded83c-25bc-4228-ad08-0b74933f3176-66a7a860-5553%26partner_url%3Dhttps%253A%252F%252Fcks.connatix.com%252Fcks%253Fpid%253D9%2526ev%253D78df222c951d49d285835a54b03a47fb%2526pname%253DCentro%2526api-tier%253D1%2526uid%253Df7ded83c-25bc-4228-ad08-0b74933f3176-66a7a860-5553%2526gdpr%253D0&ct=y HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=f7ded83c-25bc-4228-ad08-0b74933f3176-66a7a860-5553&partner_url=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3D78df222c951d49d285835a54b03a47fb%26pname%3DCentro%26api-tier%3D1%26uid%3Df7ded83c-25bc-4228-ad08-0b74933f3176-66a7a860-5553%26gdpr%3D0 HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=f7ded83c-25bc-4228-ad08-0b74933f3176-66a7a860-5553&partner_url=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3D78df222c951d49d285835a54b03a47fb%26pname%3DCentro%26api-tier%3D1%26uid%3Df7ded83c-25bc-4228-ad08-0b74933f3176-66a7a860-5553%26gdpr%3D0 HTTP 302
https://cks.connatix.com/cks?pid=9&ev=78df222c951d49d285835a54b03a47fb&pname=Centro&api-tier=1&uid=f7ded83c-25bc-4228-ad08-0b74933f3176-66a7a860-5553&gdpr=0

Request Chain 106

https://ads.yieldmo.com/pbsync?is=smartnews&redirectUri=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D39%26ev%3D78df222c951d49d285835a54b03a47fb%26pname%3DYieldMo%26api-tier%3D1%26uid%3D%24UID&gdpr=0 HTTP 302
https://cks.connatix.com/cks?pid=39&ev=78df222c951d49d285835a54b03a47fb&pname=YieldMo&api-tier=1&uid=VaU2IJJBD2JQi4whA7n7&gdpr=0

Request Chain 107

https://connatix-supply-partners.tremorhub.com/sync?UISCX=78df222c951d49d285835a54b03a47fb&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D5%26ev%3D78df222c951d49d285835a54b03a47fb%26pname%3DTelaria%26api-tier%3D1%26uid%3D%5BTVUSER_ID%5D&gdpr=0 HTTP 302
https://cks.connatix.com/cks?pid=5&ev=78df222c951d49d285835a54b03a47fb&pname=Telaria&api-tier=1&uid=db6bba8788a249b1ab39d89ed412387f

Request Chain 108

https://ads.stickyadstv.com/user-matching?id=3672&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0 HTTP 302
https://capi.connatix.com/core/us?DemandPartner=33&DemandPartnerName=FreeWheel&DemandPartnerUserId=cefb0745377a7e6a4fad31217dfdabd&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0

Request Chain 110

https://sync.resetdigital.co/csync?pid=connatix&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D35%26ev%3D78df222c951d49d285835a54b03a47fb%26pname%3DResetDigital%26api-tier%3D1%26uid%3D%24USER_ID&gdpr=0 HTTP 302
https://cks.connatix.com/cks?pid=35&ev=78df222c951d49d285835a54b03a47fb&pname=ResetDigital&api-tier=1&uid=0000015046F71F27

Request Chain 112

https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D1%26ev%3D78df222c951d49d285835a54b03a47fb%26pname%3DSundaySky%26api-tier%3D1%26uid%3D%24%7Bssky_uuid%7D&gdpr=0 HTTP 302
https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D1%26ev%3D78df222c951d49d285835a54b03a47fb%26pname%3DSundaySky%26api-tier%3D1%26uid%3D%24%7Bssky_uuid%7D&gdpr=0&_cvt=t HTTP 302
https://cks.connatix.com/cks?pid=1&ev=78df222c951d49d285835a54b03a47fb&pname=SundaySky&api-tier=1&uid=d6.bccc29539bd645b99006ef1ac8558cd5

Request Chain 113

https://sync.ipredictive.com/d/sync/cookie/generic?partner=connatix&cspid=25&append=0&cb=%24%7BADELPHIC_CACHE_BUSTER%7D&redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D29%26ev%3D78df222c951d49d285835a54b03a47fb%26pname%3DAdelphic%26api-tier%3D1%26uid%3D%24%7BADELPHIC_CUID%7D&gdpr=0 HTTP 302
https://cks.connatix.com/cks?pid=29&ev=78df222c951d49d285835a54b03a47fb&pname=Adelphic&api-tier=1&uid=c5e4e507-08f1-4332-9ff3-08b53f3cdbf6

Request Chain 117

https://capi.connatix.com/us/google/pixel?tier=1&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=connatix&google_hm=NzhkZjIyMmM5NTFkNDlkMjg1ODM1YTU0YjAzYTQ3ZmI&extra1=78df222c951d49d285835a54b03a47fb&gdpr=0&google_redir=https%3a%2f%2fcapi.connatix.com%2fus%2fgoogle%2freport

Request Chain 124

https://btloader.com/websiteconfig?bt_env=prod&o=5714937848528896&w= HTTP 302
https://btloader.com/websiteconfig?bt_env=prod&o=5714937848528896

129 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.bleepingcomputer.com/news/security/proofpoint-settings-exploited-to-send-millions-of-phishing-emails-daily/ 74 KB
16 KB 276ms
191ms Document
text/html 104.20.185.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bleepingcomputer.com/news/security/proofpoint-settings-exploited-to-send-millions-of-phishing-emails-daily/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.185.56 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b11608553a55d1192f82a3277380b34391d3c16f5332f2a7e14e8ab2f010525

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8aadd3f02d21ac31-YYZ
content-encoding: br
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
date: Mon, 29 Jul 2024 14:34:06 GMT
expires: 0
last-modified: Mon, 29 Jul 2024 13:51:58 GMT
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN

GET
H2 200 css
fonts.googleapis.com/ 14 KB
1 KB 119ms
46ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/proofpoint-settings-exploited-to-send-millions-of-phishing-emails-daily/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

35ae53cd6f0cde71e622f6e54dc576bb82ffab56c9e41b1298f932eebf963eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 29 Jul 2024 14:34:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 29 Jul 2024 14:27:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 29 Jul 2024 14:34:07 GMT

GET
H2 200 bootstrap.min.css
www.bleepstatic.com/js/redesign/bootstrap/css/ 119 KB
20 KB 111ms
39ms Stylesheet
text/css 172.67.75.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/redesign/bootstrap/css/bootstrap.min.css
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/proofpoint-settings-exploited-to-send-millions-of-phishing-emails-daily/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:07 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4693
content-length: 19736
last-modified: Wed, 13 Feb 2019 14:22:49 GMT
server: cloudflare
etag: "624975547"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=096X0OBJcE1JPebyx%2BGp4dGZ3aJAS%2Bv2PPAgNlPg2njR95joYgBW%2FVH8XQOQvg94oxI9tmZJe2R68y7SGfjsHPkfUrpYW0nY4aDuB2j06WYkJA2cP8Aak%2FGmgxJ%2FAWcvZe%2FWLBg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3024000
accept-ranges: bytes
cf-ray: 8aadd3f1de2aac9c-YYZ
expires: Mon, 03 Jun 2024 14:52:20 GMT

GET
H2 200 main.css
www.bleepstatic.com/css/redesign/ 52 KB
11 KB 135ms
63ms Stylesheet
text/css 172.67.75.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/css/redesign/main.css?v=03.22.24.5
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/proofpoint-settings-exploited-to-send-millions-of-phishing-emails-daily/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eabba658c5c7bd2f12938ba2a4a2e4fb9d52b6ba7e381a1062bc65ad115eebe

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4693
cf-polished: origSize=65951
cf-bgj: minify
last-modified: Fri, 22 Mar 2024 20:52:49 GMT
server: cloudflare
etag: W/"2193699181"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ePaUCPeeGXjbbPU7wufI22ILea%2BXb7XkCw2YgZRLlltEh%2Fo2s8BQ%2F97cONv%2Bgt2ZtPQw2GYIn%2F6UM%2BcE6gVFPUaQRQq8ogkwy90zUFBmbg4mAFvOsBt6CzTzj4Mp%2F7vq4xzgtoE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 8aadd3f1de27ac9c-YYZ
expires: Mon, 03 Jun 2024 14:52:19 GMT

GET
H2 200 home.css
www.bleepstatic.com/css/redesign/ 12 KB
3 KB 110ms
39ms Stylesheet
text/css 172.67.75.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/css/redesign/home.css
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/proofpoint-settings-exploited-to-send-millions-of-phishing-emails-daily/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca22345f969dd8077c21281572a34d4a51bc6a5ad9d764bd1338b2c12a68c3e3

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3078
cf-polished: origSize=15024
cf-bgj: minify
last-modified: Wed, 14 Dec 2022 03:04:07 GMT
server: cloudflare
etag: W/"327631530"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rOrDrdFYl57T0Cr3fQtUwZJWP%2FdlRf8Xiwk18Whhoak%2B3uyZ6LzNoyYVferp6zFCoEuLIEyGUbQUGbxnyitHRYWcSYhB0atWaQ0nZClpc0j8yLGjqgsvwu%2BF2DwpKrhxbLv5fZ0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 8aadd3f1de23ac9c-YYZ
expires: Wed, 03 Apr 2024 20:19:37 GMT

GET
H2 200 news.css
www.bleepstatic.com/css/redesign/ 29 KB
6 KB 133ms
62ms Stylesheet
text/css 172.67.75.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/css/redesign/news.css
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/proofpoint-settings-exploited-to-send-millions-of-phishing-emails-daily/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2619de3d55eb455a257f316d4d4a81be5f48704225c47c7a59c97c9300d7e09

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 412
cf-polished: origSize=36395
cf-bgj: minify
last-modified: Tue, 16 Apr 2024 14:51:28 GMT
server: cloudflare
etag: W/"2215843995"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yq%2Fi7hFG946MXuV9mlcUK4GSRn8GIRvm2Auy4h9FEalx%2FYt8qtUdInpDi8R4BxGuualh3GdHsWwX15t0YKElwCXPDFOLOyP2zKlJ7qIvTLeQaEHu17MC%2BJkgXm7Q1EIspxvN%2FrQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 8aadd3f1de25ac9c-YYZ
expires: Mon, 03 Jun 2024 14:53:51 GMT

GET
H2 200 jquery-3.5.1.min.js Show response
www.bleepstatic.com/js/redesign/ 87 KB
31 KB 107ms
36ms Script
text/javascript 172.67.75.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/redesign/jquery-3.5.1.min.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/proofpoint-settings-exploited-to-send-millions-of-phishing-emails-daily/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:07 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3257
content-length: 30950
last-modified: Mon, 04 May 2020 23:02:39 GMT
server: cloudflare
etag: "1177690299"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L79dQZ0w0U5YZTO0McfIP5R%2FAA%2BX0WqW2%2BXEhg1TuTbW%2BLG%2FLtlp3kjZjwYrIBo4LSj8ngNOBbGwrZxraTVg3ieZB34pHzeVxYmH7gcT4DR7MjcZGNuC%2FJU0BXR8KaHCoV7%2B09o%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3024000
accept-ranges: bytes
cf-ray: 8aadd3f1de2dac9c-YYZ
expires: Wed, 03 Apr 2024 21:34:30 GMT

GET
H2 200 jquery-migrate-1.4.1.min.js Show response
www.bleepstatic.com/js/redesign/ 10 KB
4 KB 110ms
40ms Script
text/javascript 172.67.75.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/redesign/jquery-migrate-1.4.1.min.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/proofpoint-settings-exploited-to-send-millions-of-phishing-emails-daily/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:07 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 412
content-length: 4014
last-modified: Fri, 20 May 2016 01:26:30 GMT
server: cloudflare
etag: "2177127834"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4kMvRwQAFeUU9iP5xhwrIN7eTbHCDuEItEEPMIOb%2FxMj%2BAGCPlVc8Bn9Xj2RO14DTK%2BktoO71xmEhXqfyju3iS3aCWgGkSxqqedIFFq%2BaebcpgYSiLEClW%2F6D1I86rQE%2FGgOAuI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3024000
accept-ranges: bytes
cf-ray: 8aadd3f1de2cac9c-YYZ
expires: Mon, 03 Jun 2024 14:52:19 GMT

GET
H2 200 news.js Show response
www.bleepstatic.com/js/redesign/ 183 B
464 B 55ms
50ms Script
text/javascript 172.67.75.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/redesign/news.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/proofpoint-settings-exploited-to-send-millions-of-phishing-emails-daily/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 827252be04765631f8ff21fee8ffe1028e27dfa52f62c08ef3182609a0a0e991

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 412
cf-polished: origSize=247
cf-bgj: minify
last-modified: Wed, 16 Dec 2015 15:41:46 GMT
server: cloudflare
etag: W/"4218930423"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p8Ge6U627BI120ZnYiUa6bD%2Bt9zqPSJbcRNJ%2FlBLTIxSUU4vrlys1db6ECrrI0oT1it6XAyuajeBJhWVxWOhwi8aQyjYWUtq06WQ8BjjO5Ik68IV6DluWCbbRQmJvqBGWsa3Yc8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 8aadd3f29f0aac9c-YYZ
expires: Mon, 03 Jun 2024 14:53:51 GMT

GET
H3 200 cls.css
a.pub.network/core/pubfig/ 2 KB
1 KB 75ms
32ms Stylesheet
text/css 104.18.20.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.pub.network/core/pubfig/cls.css

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/proofpoint-settings-exploited-to-send-millions-of-phishing-emails-daily/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36367e0c3f5a8b490bebc5bfc526b10c7d4e4c371eb2b73d438f80f167fb9ca4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
age: 3558
x-guploader-uploadid: AHxI1nNNc79wz7MpRYrXtqeXyAr86nVkNniyILemjjJDyhUQQ_qd191T5DopgFwVQ3aukJqzVmZV1ZJQJg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 28 Oct 2022 14:36:10 GMT
server: cloudflare
etag: W/"816783146b3907e634d0e822ca759864"
vary: Accept-Encoding
x-goog-hash: crc32c=4G+Zdg==, md5=gWeDFGs5B+Y00OgiynWYZA==
x-goog-generation: 1666967770269941
access-control-allow-origin: *
content-type: text/css
cache-control: public, max-age=3600
x-goog-stored-content-length: 2096
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cf-ray: 8aadd3f1b8d4ab4b-YYZ
expires: Mon, 29 Jul 2024 15:34:07 GMT

GET
H3 200 pubfig.min.js Show response
a.pub.network/bleepingcomputer-com/ 165 KB
52 KB 66ms
61ms Script
application/javascript 104.18.20.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.pub.network/bleepingcomputer-com/pubfig.min.js

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/proofpoint-settings-exploited-to-send-millions-of-phishing-emails-daily/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0883b2f2e61e422911c1de9f98fc5c2977821c06143d2d933756fe42859a84fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
age: 233990
x-guploader-uploadid: AHxI1nPkuQW99w2TjuuMWep7Jwy3QBK1HlBg4Iq9htrssrxlzt4P4h8chStSwBxcMwKeFdHg6LnS9sy6GQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 26 Jul 2024 21:29:54 GMT
server: cloudflare
etag: W/"17034dcdc271a9b7b8dd70bb7f35a37f"
vary: Accept-Encoding
x-goog-generation: 1722029394322095
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=irH7qg==, md5=FwNNzcJxqbe43XC7fzWjfw==
access-control-expose-headers: *
cache-control: public, max-age=1800
x-goog-stored-content-length: 169362
cf-ray: 8aadd3f299d1ab4b-YYZ
link: <https://d.pub.network/v2/sites/bleepingcomputer-com/configs?env=PROD>; rel="preload"; as="fetch"; crossorigin="use-credentials", <https://optimise.net>; rel="preconnect", <https://api.floors.dev>; rel="preconnect"
expires: Mon, 29 Jul 2024 15:04:07 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 315 KB
105 KB 134ms
41ms Script
application/javascript 2607:f8b0:400d:c04::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GD465VRQLD

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/proofpoint-settings-exploited-to-send-millions-of-phishing-emails-daily/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

43eb3a3f16d58da388c7f624e6ed92eee2145f05ef38b4df8f129c27af164466

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 106778
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 29 Jul 2024 14:34:07 GMT

GET
H2 200 logo.png
www.bleepstatic.com/images/site/ 1 KB
2 KB 48ms
44ms Image
image/webp 172.67.75.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/logo.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/proofpoint-settings-exploited-to-send-millions-of-phishing-emails-daily/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19db4a2cde712e2ceaac317e732b4ec40b62818a938a8bf8391ad68470845019

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 951423
cf-polished: origFmt=png, origSize=1882
content-disposition: inline; filename="logo.webp"
content-length: 1152
cf-bgj: imgq:85,h2pri
last-modified: Sat, 04 Mar 2017 04:12:00 GMT
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tnqRO5crjAwk8H%2FGAKGiOhd6Myqr6hGPKAAwqkca%2BuqWigX4lbZXUhHkfuObgsQoluNsazOFeCyRBadqvUpTHyNcWo7nl5HXTIUyXtpyfDN37YTyN9VYBu78nO4nD6s5ieW7XMY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8aadd3f29f0cac9c-YYZ
expires: Sat, 17 Aug 2024 14:17:04 GMT

GET
H2

200

brandjs.js Show response
www.gstatic.com/prose/
Redirect Chain

https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en
https://www.gstatic.com/prose/brandjs.js

14 KB
6 KB

159ms
33ms

Script
text/javascript

2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/prose/brandjs.js

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/proofpoint-settings-exploited-to-send-millions-of-phishing-emails-daily/

Protocol

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 20:02:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66706
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5807
x-xss-protection: 0
last-modified: Tue, 06 Apr 2021 15:14:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Mon, 29 Jul 2024 20:02:21 GMT

Redirect headers

date: Mon, 29 Jul 2024 14:07:38 GMT
x-content-type-options: nosniff
server: sffe
age: 1589
content-type: text/html; charset=UTF-8
location: https://www.gstatic.com/prose/brandjs.js
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 237
x-xss-protection: 0
expires: Mon, 29 Jul 2024 14:37:38 GMT

GET
H2 200 phishing-hook.jpg
www.bleepstatic.com/content/hl-images/2022/08/23/ 223 KB
224 KB 34ms
34ms Image
image/webp 172.67.75.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/content/hl-images/2022/08/23/phishing-hook.jpg
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/proofpoint-settings-exploited-to-send-millions-of-phishing-emails-daily/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05cd2f321bc3371bc01d22c5e1884561a573430d861348a1a6609e26aea4fd9f

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2504
cf-polished: qual=85, origFmt=jpeg, origSize=602083
content-disposition: inline; filename="phishing-hook.webp"
content-length: 228756
cf-bgj: imgq:85,h2pri
last-modified: Tue, 23 Aug 2022 17:38:35 GMT
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S0x30XV%2B5eFkrMmwpPfH6ru8TO%2BCJqFt0WCBi1JBeF%2F%2FkG7I3BhKfDhCxWHuHx1Mb6Fu5mLz94%2B%2Fm64JAnOjTviWutWn3oDEK3CyOy1Dn6ekNC95aXVAs4JuIHyx2qFqanKNJdc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8aadd3f1ee3aac9c-YYZ
expires: Wed, 28 Aug 2024 13:52:22 GMT

GET
H2 200 volume.jpg
www.bleepstatic.com/images/news/u/1220909/2024/Phishing/17/ 28 KB
28 KB 55ms
55ms Image
image/webp 172.67.75.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/news/u/1220909/2024/Phishing/17/volume.jpg
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/proofpoint-settings-exploited-to-send-millions-of-phishing-emails-daily/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a8938a562110413935be499cee7be5c47a5406749d0cb2075e8a03b6c137579

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2504
cf-polished: qual=85, origFmt=jpeg, origSize=49231
content-disposition: inline; filename="volume.webp"
content-length: 28240
cf-bgj: imgq:85,h2pri
last-modified: Mon, 29 Jul 2024 08:25:39 GMT
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4gm70PiuD98lZ16IkjGKmlqDhMfz6pFefTOM90kPVfBomrPstZ3h9R8YeOKmu%2FMOawgoBiubRok3mKj4Ud4pzWN%2FZrv5P4i8ouMySu0auh13dNF6qoX8IcJ6Hk5EY5lHou9RQ8k%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8aadd3f1ee3eac9c-YYZ
expires: Wed, 28 Aug 2024 13:52:23 GMT

GET
H2 200 disney-sidechannel.jpg
www.bleepstatic.com/images/news/u/1220909/2024/Phishing/17/ 52 KB
52 KB 36ms
35ms Image
image/webp 172.67.75.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/news/u/1220909/2024/Phishing/17/disney-sidechannel.jpg
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/proofpoint-settings-exploited-to-send-millions-of-phishing-emails-daily/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7f0cef4d67e9d69ae3c3e075084e448b62963a8838c94b124782738863a3e59

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2504
cf-polished: qual=85, origFmt=jpeg, origSize=92272
content-disposition: inline; filename="disney-sidechannel.webp"
content-length: 52956
cf-bgj: imgq:85,h2pri
last-modified: Mon, 29 Jul 2024 08:25:33 GMT
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FYIDjvHxBYN2YDROpIhdWuXsfkBwMMqT1CPul1V%2BRXPLudWzEJm6Si%2FFu%2B9zJBeoBcoIlAbvew52jyfEmUcEAJB6DYL6Mh%2Bm7huPnzReYUc2GWqpEU3GxPNO%2F9d%2Fwq%2FLOwmbuSc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8aadd3f27edbac9c-YYZ
expires: Wed, 28 Aug 2024 13:52:23 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 159 KB
52 KB 175ms
110ms Script
text/javascript 142.251.111.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/proofpoint-settings-exploited-to-send-millions-of-phishing-emails-daily/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.111.155 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f155.1e100.net

Software

cafe /

Resource Hash

0a8f2a92bc49919cc08b5c4b18810ee5b19131a306f1c2940229f311fdf5bf84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53380
x-xss-protection: 0
server: cafe
etag: 15134321894895903817
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Mon, 29 Jul 2024 14:34:07 GMT

GET
H2 200 registration-discount_everything-you-want-mountains.jpg
www.bleepstatic.com/c/m/mandiant/ 34 KB
35 KB 49ms
43ms Image
image/webp 172.67.75.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/c/m/mandiant/registration-discount_everything-you-want-mountains.jpg
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/proofpoint-settings-exploited-to-send-millions-of-phishing-emails-daily/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5cd0a3adfd18b00e894599898d59effccb158fc212c425913aba281f1244a83

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 429369
cf-polished: qual=85, origFmt=jpeg, origSize=182068
content-disposition: inline; filename="registration-discount_everything-you-want-mountains.webp"
content-length: 34980
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Jul 2024 22:57:25 GMT
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p4p2ILqjtuPYz4ZbJ4xLDQYxYGvJFpPKmERKsBI3qWsReA9JA62jFM0DIKVhUvuwma9ukaEKgUsZaJbWdTmZWiM%2FR%2FQSx5cwkgQpbLHXSAHuYQNUKuucpfMk1S4G97L5jWnqR7A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8aadd3f29f07ac9c-YYZ
expires: Fri, 23 Aug 2024 15:17:57 GMT

GET
H2 200 twitter.png
www.bleepstatic.com/images/site/login/ 282 B
669 B 47ms
44ms Image
image/webp 172.67.75.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/login/twitter.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/proofpoint-settings-exploited-to-send-millions-of-phishing-emails-daily/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67d86a29de7993fbd23b7dde2c4f26bdc434055c35a4b08c830c0d02fcfa6dd2

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 490789
cf-polished: origFmt=png, origSize=475
content-disposition: inline; filename="twitter.webp"
content-length: 282
cf-bgj: imgq:85,h2pri
last-modified: Sat, 04 Mar 2017 20:46:52 GMT
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kzn3oXMGtHMRfz7NkRbx6jnAo%2BQ5va2itcuRMe6%2Fg0CqZJBrzaFE1UcYUQR%2FrM0UpMYgtXeiquRyAxnpnL%2BctjAGgUK4xHQrO6JBzg5UjAQzZjkgAK18FZf1EBcm%2Flxn%2BcEqoOQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8aadd3f29f0dac9c-YYZ
expires: Thu, 22 Aug 2024 22:14:18 GMT

GET
H2 200 bootstrap.js Show response
www.bleepstatic.com/js/redesign/bootstrap/js/ 50 KB
13 KB 46ms
43ms Script
text/javascript 172.67.75.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/redesign/bootstrap/js/bootstrap.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/proofpoint-settings-exploited-to-send-millions-of-phishing-emails-daily/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c13d034eaf2fa73680d0abdbe02ac23b73e3128b5c7f0ee7018eb7b3fbe84a72

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4271
cf-polished: origSize=75484
cf-bgj: minify
last-modified: Wed, 13 Feb 2019 14:22:49 GMT
server: cloudflare
etag: W/"984724076"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n%2FJxhmRVWR80yT9yBuKXMcOm6iBTr%2BfQp16yYjPCuv1o6GbaGhqjKxB4zucWfFRvVvlrXkxcn8OMCcZVI9IEzdm75IUnJksZ03%2BbUUJmq%2FAYZhBH06mvcpMAZARoaDPx3xJN%2BU8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 8aadd3f29f0eac9c-YYZ
expires: Mon, 03 Jun 2024 14:52:19 GMT

GET
H2 200 blazy.min.js Show response
www.bleepstatic.com/js/blazy/ 5 KB
2 KB 37ms
31ms Script
text/javascript 172.67.75.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/blazy/blazy.min.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/proofpoint-settings-exploited-to-send-millions-of-phishing-emails-daily/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f427d0f88a0698c955ff63bf13af4ca80c9b32f218b5e210847450da901a74f

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:07 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4673
content-length: 2009
last-modified: Thu, 16 Aug 2018 21:06:19 GMT
server: cloudflare
etag: "753357888"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VvlJlAwcxIPnnFOq95zrkSlVzzCw6mRcE%2B2vD6aRs8Lh5Ap%2BtfV8StkCgPpeDcxPKDanMP8DqoyO9a9fgQ6gMYTuipg7DumRqo8wMMgX5Tef9bC2LJV7lpcIaDs%2BOOKShd%2BSmCA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3024000
accept-ranges: bytes
cf-ray: 8aadd3f29f08ac9c-YYZ
expires: Mon, 03 Jun 2024 14:52:19 GMT

GET
H2 200 bleep.js Show response
www.bleepstatic.com/js/redesign/ 3 KB
1 KB 52ms
48ms Script
text/javascript 172.67.75.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/redesign/bleep.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/proofpoint-settings-exploited-to-send-millions-of-phishing-emails-daily/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22e977346d45bab9f531ce1132d7ecfbe8e46868eaea790a0d4dcd1d0649d74b

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4271
cf-polished: origSize=3600
cf-bgj: minify
last-modified: Thu, 01 Feb 2024 03:51:53 GMT
server: cloudflare
etag: W/"2665978998"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=araehsaa116cjWr0tGEtC%2BIgds5DKK9x37XFpcZkouwPEmojRhXDYTrqxedBGQY8miaLW%2Fwd9GRxoJV7vuivn8QcmvXxZvicscr1rW3svqwYJcTp4J9z%2FY6YRrryncUvmD5urxQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 8aadd3f29f0fac9c-YYZ
expires: Wed, 03 Apr 2024 19:14:36 GMT

GET
H2 200 jquery.fancybox.js Show response
www.bleepstatic.com/js/redesign/fancybox/ 31 KB
10 KB 52ms
49ms Script
text/javascript 172.67.75.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/redesign/fancybox/jquery.fancybox.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/proofpoint-settings-exploited-to-send-millions-of-phishing-emails-daily/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31cd7d9398307ca2e6cfaa111bbe7b69d69cbaaed2ff74034412ebc5008671fd

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4215
cf-polished: origSize=48706
cf-bgj: minify
last-modified: Wed, 14 Oct 2015 20:25:51 GMT
server: cloudflare
etag: W/"327140449"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NR%2BGnsNK7pHiOUCxV9TP0OMtWJcp4JyO1x9unRQWTgjmnOJ3wJWzdpE9P9JVlWXh%2Bzo3%2BF44jIxK4TGjUzb0nlqjAZ0ynjUqdrfDn8c6osk%2F40Grpms%2FLcKyw5ndo5q%2B%2FTBZzAM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 8aadd3f29f10ac9c-YYZ
expires: Wed, 03 Apr 2024 17:51:54 GMT

GET
H2 200 fixto.min.js Show response
www.bleepstatic.com/js/fixto/ 8 KB
3 KB 46ms
41ms Script
text/javascript 172.67.75.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/fixto/fixto.min.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/proofpoint-settings-exploited-to-send-millions-of-phishing-emails-daily/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d6d26827b887aa09b2a5eb7c001e35b93773e53c36ddbfc127ad824e0a6ba39

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:07 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 981
content-length: 2686
last-modified: Sat, 13 Jun 2015 21:34:42 GMT
server: cloudflare
etag: "1740214911"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CbTd7MGG1zLunVBH3KiI0DK4T1xubQL6%2BcKOKNwuJj2QRET9O2ah9h67s0WsxX8ACIBzC4qnSDRjKjhp49NidkEFQsei3QQRPT0%2FQgX6DOq0Mvzg4B6fpJcfLWHYi48D23hQ1y4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3024000
accept-ranges: bytes
cf-ray: 8aadd3f29f09ac9c-YYZ
expires: Wed, 03 Apr 2024 17:52:15 GMT

GET
H3 200 connatix.playspace.js Show response
cd.connatix.com/ Frame B8BF 2 KB
1 KB 99ms
36ms Script
application/javascript 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cd.connatix.com/connatix.playspace.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/proofpoint-settings-exploited-to-send-millions-of-phishing-emails-daily/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c1c5044a6b9dd3bcb9d424b559068a87c526a3fdf61511498c37284433272f1

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:07 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 8aadd3f2fe0aac3f-YYZ
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc: h3=":443"; ma=86400

GET
H2 200 fab.js Show response
ecdn.analysis.fi/static/js/ 4 KB
2 KB 124ms
30ms Script
application/javascript 18.160.18.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ecdn.analysis.fi/static/js/fab.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/proofpoint-settings-exploited-to-send-millions-of-phishing-emails-daily/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.18.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-18-26.iad12.r.cloudfront.net
Software: Apache/2.4.54 (Debian) /
Resource Hash: d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:08:06 GMT
content-encoding: gzip
via: 1.1 02d40d77941fe6c2f8e7ff5156c01128.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4
age: 1561
x-cache: Hit from cloudfront
content-length: 1696
last-modified: Fri, 19 Apr 2024 13:10:40 GMT
server: Apache/2.4.54 (Debian)
etag: "1090-61672d079f400-gzip"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600, public
accept-ranges: bytes
x-amz-cf-id: BJFPBwySA2pjZynhR6dgIaptK2zrUzyo9QGJ_OLRqSsMPZxotSe9Qw==

GET
H/1.1 200
OK fi_client.js Show response
ecdn.firstimpression.io/ 353 KB
93 KB 135ms
34ms Script
application/javascript 18.160.46.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ecdn.firstimpression.io/fi_client.js

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/proofpoint-settings-exploited-to-send-millions-of-phishing-emails-daily/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.160.46.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-46-104.iad55.r.cloudfront.net

Software

Apache/2.4.54 (Debian) / PHP/8.2.0

Resource Hash

5920fd20b1b26b2b5593b080c342fa269808adba56b2f3941d3318cd5a8bbe32

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Mon, 29 Jul 2024 13:58:25 GMT
Content-Encoding: br
Via: 1.1 1531d925e2f1f9058974d2e519bbc57e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: IAD55-P2
Age: 2142
X-Powered-By: PHP/8.2.0
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
X-XSS-Protection: 0
Last-Modified: Mon,29 Jul 2024 13:58:25 UTC
Server: Apache/2.4.54 (Debian)
ETag: W/"02d604df6355cf1e3eb705d385820bde"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
X-Amz-Cf-Id: Z0fMfdWAa-Hr9_CJhN8IvncwOPQy8zLeM2pa136foOApVXpK0bfSRg==

GET
H2

200

brandjs.js Show response
www.gstatic.com/prose/
Redirect Chain

https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en
https://www.gstatic.com/prose/brandjs.js

14 KB
0

149ms
149ms

Script
text/javascript

2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/prose/brandjs.js

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/proofpoint-settings-exploited-to-send-millions-of-phishing-emails-daily/

Protocol

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 20:02:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66706
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5807
x-xss-protection: 0
last-modified: Tue, 06 Apr 2021 15:14:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Mon, 29 Jul 2024 20:02:21 GMT

Redirect headers

date: Mon, 29 Jul 2024 14:07:38 GMT
x-content-type-options: nosniff
server: sffe
age: 1589
content-type: text/html; charset=UTF-8
location: https://www.gstatic.com/prose/brandjs.js
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 237
x-xss-protection: 0
expires: Mon, 29 Jul 2024 14:37:38 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 login_bg.png
www.bleepstatic.com/images/site/ 126 B
502 B 57ms
50ms Image
image/webp 172.67.75.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/login_bg.png
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/main.css?v=03.22.24.5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32e73e8e0eec3e6c1345d84e7ef091b90e71fb0045814043b34c914156235eb9

Request headers

Referer: https://www.bleepstatic.com/css/redesign/main.css?v=03.22.24.5
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3260
cf-polished: origFmt=png, origSize=187
content-disposition: inline; filename="login_bg.webp"
content-length: 126
cf-bgj: imgq:85,h2pri
last-modified: Sat, 04 Mar 2017 20:46:52 GMT
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BCokklBzAzIA3VCIugcBZmyzp4W954XDV%2BI0rk8g5%2BWMKEjqVddVJZgzlgkgDsBrTog90ucgaNcHPvDUhLblPA2zlCapeb2YBtnbI0OzzkrSjECkqve%2FAtczLgO9QcGUkJ3Tna0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8aadd3f2af15ac9c-YYZ
expires: Wed, 29 May 2024 14:52:19 GMT

GET
H2 200 nav_bg.png
www.bleepstatic.com/images/site/ 72 B
565 B 45ms
38ms Image
image/webp 172.67.75.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/nav_bg.png
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/main.css?v=03.22.24.5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab52a578c101a14bbc790f87f9a7400dda65469f23c6ce85c461e07cdf776460

Request headers

Referer: https://www.bleepstatic.com/css/redesign/main.css?v=03.22.24.5
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1019334
cf-polished: origFmt=png, origSize=83
content-disposition: inline; filename="nav_bg.webp"
content-length: 72
cf-bgj: imgq:85,h2pri
last-modified: Sat, 04 Mar 2017 07:57:02 GMT
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IEePhqBfgnZVaUQ%2BHGK5ngaCiTLfC9N5RBDPRJQN0dcHgDQWqj2wv%2BgoDN1cNPrYXwoWIqW8FE1bf2jHGs3KPVQ167kXcrW%2Bplu1k6NiX0cB8zUBwyDnr75npj5rt2KJHHNzAMc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8aadd3f2af16ac9c-YYZ
expires: Fri, 16 Aug 2024 19:25:13 GMT

GET
H2 200 20x20-printer.png
www.bleepstatic.com/images/site/ 422 B
808 B 45ms
37ms Image
image/webp 172.67.75.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/20x20-printer.png
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/main.css?v=03.22.24.5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b34676178982122b66b0a55d3ee411fa343b1d19a6c119c0c9b0ea2c892738a1

Request headers

Referer: https://www.bleepstatic.com/css/redesign/main.css?v=03.22.24.5
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 423227
cf-polished: origFmt=png, origSize=824
content-disposition: inline; filename="20x20-printer.webp"
content-length: 422
cf-bgj: imgq:85,h2pri
last-modified: Sat, 03 Oct 2015 03:18:32 GMT
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E0%2F45Nd8xWm%2BGWbyCqtHO8TUPjQnm0c%2FnhMdLPkOAb%2F2KuCg5Xw3zk%2B2VvJ1a25G8THbQdyjXEB97b%2Fn5lwrLWSEeNzQSUi5uh422Y1NY7o3tyCZiW6iBtf7EGHjdcjlUaQMK6M%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8aadd3f2bf1dac9c-YYZ
expires: Fri, 23 Aug 2024 17:00:19 GMT

GET
H2 200 calendar.png
www.bleepstatic.com/images/site/ 86 B
468 B 45ms
38ms Image
image/webp 172.67.75.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/calendar.png
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/news.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85ae9534729617e69eafa40195c7854697eb3d13b4205f3ee467e07c4af0a24b

Request headers

Referer: https://www.bleepstatic.com/css/redesign/news.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 419319
cf-polished: origFmt=png, origSize=129
content-disposition: inline; filename="calendar.webp"
content-length: 86
cf-bgj: imgq:85,h2pri
last-modified: Sat, 04 Mar 2017 20:46:52 GMT
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nopzCE2tqtW6dxrec5icy5TMvB6AZOUm1Yo7Z6s%2Fqkej2Dc45WHm%2Fq%2BtKr39BRRzPX2yJAuNG2oLeUnc1Lk8OeCIDoJa6JtRyVRawot2la2j5UBeEWCoN%2Fm9DYYqPYEPYzx4BHg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8aadd3f2bf1eac9c-YYZ
expires: Fri, 23 Aug 2024 18:05:28 GMT

GET
H2 200 clock.png
www.bleepstatic.com/images/site/ 252 B
629 B 46ms
40ms Image
image/webp 172.67.75.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/clock.png
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/news.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cdb6bfef8d4212d9bf634ca6724a28e85dfa69cd404e6f9d3760d70a7873949

Request headers

Referer: https://www.bleepstatic.com/css/redesign/news.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6320
cf-polished: origFmt=png, origSize=1316
content-disposition: inline; filename="clock.webp"
content-length: 252
cf-bgj: imgq:85,h2pri
last-modified: Fri, 29 May 2015 07:08:14 GMT
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BlUsbz73wQ15qxxcualyJw7V%2F5h%2B4j6TqlFYK0pPDyQrMMdVObIphS4z4PINmPCaoNNw0JGGAmPdBeCsvZxBdaA%2BCbucME%2B1yME7J3dgAFXRHDUEFYeaJqP8sulHY4vEn6tCbXk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8aadd3f2bf21ac9c-YYZ
expires: Wed, 29 May 2024 14:52:20 GMT

GET
H2 200 comment-light.png
www.bleepstatic.com/images/site/ 94 B
480 B 45ms
38ms Image
image/webp 172.67.75.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/comment-light.png
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/news.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfac05f501d6d4d62e29fff1049569c3c2aa8732af8db3a36e8fa252f05f5861

Request headers

Referer: https://www.bleepstatic.com/css/redesign/news.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1706519
cf-polished: origFmt=png, origSize=1034
content-disposition: inline; filename="comment-light.webp"
content-length: 94
cf-bgj: imgq:85,h2pri
last-modified: Fri, 29 May 2015 07:08:28 GMT
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ld7eG9%2BXs1eqqOSRiWB9I8KYymtF2RoIX0tFjIONWSBbod9QsEROvQOkH%2Bp8R92v%2BrKWV9a4rJcZlV5MnTU6q8zLjtCrxis%2FFmYoHEMc6UP3tfCI6uDZdUfZrxxK6m%2BnYo9%2FqXg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8aadd3f2bf23ac9c-YYZ
expires: Thu, 08 Aug 2024 20:32:08 GMT

GET
H2 200 32x32-printer.png
www.bleepstatic.com/images/site/ 256 B
662 B 45ms
39ms Image
image/webp 172.67.75.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/32x32-printer.png
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/main.css?v=03.22.24.5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33eb81af8a0101c1ad2a210f322fb362ce1598e6e37f0a7ecc62d6ff39add590

Request headers

Referer: https://www.bleepstatic.com/css/redesign/main.css?v=03.22.24.5
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 421908
cf-polished: origFmt=png, origSize=618
content-disposition: inline; filename="32x32-printer.webp"
content-length: 256
cf-bgj: imgq:85,h2pri
last-modified: Fri, 02 Oct 2015 21:57:19 GMT
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YyZuhiJOIDWFHFKtqFTllG7p0uvnVbN4sVnOj0eVm7CvTmf46FImh1OwqTV3IaaKo304RDxgmULgRecavdXSUJf35CxqoqQqyM7UyIWL1%2B9BAbv69qp%2Fy6P%2Fm7RsptG1BFO48VM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8aadd3f2bf25ac9c-YYZ
expires: Fri, 23 Aug 2024 17:22:18 GMT

GET
H2 200 42758747b8592c683aa2b2162019ddfa.jpg
www.bleepstatic.com/author/photos/ 7 KB
7 KB 46ms
40ms Image
image/webp 172.67.75.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/author/photos/42758747b8592c683aa2b2162019ddfa.jpg
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/proofpoint-settings-exploited-to-send-millions-of-phishing-emails-daily/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f256b59004beadefbac9168d0380485ac8ed71a2546f2bd3d55e8702eee4d9a

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1471271
cf-polished: qual=85, origFmt=jpeg, origSize=12322
content-disposition: inline; filename="42758747b8592c683aa2b2162019ddfa.webp"
content-length: 7248
cf-bgj: imgq:85,h2pri
last-modified: Tue, 28 Sep 2021 21:25:46 GMT
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BJq3CUe7uldecNc5yJBWesPKDCmpK%2FmLFPT4%2FAsK8WR4iFFI1Wjf0EyC4qKT31kJwJZ0ZGUaKf46yYDPZJuLVip0%2F9gOvdbZtH0KjaRQ7sOzEyg4mwE6JxcQFpurQGfztHzPCeI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8aadd3f2bf28ac9c-YYZ
expires: Sun, 11 Aug 2024 13:52:56 GMT

GET
H2 200 h4-bg.png
www.bleepstatic.com/images/site/ 38 B
511 B 44ms
39ms Image
image/webp 172.67.75.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/h4-bg.png
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/main.css?v=03.22.24.5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 942935ead42820e6c9184f099c77dde34fa4be70d395a17c47b5d7ad07967339

Request headers

Referer: https://www.bleepstatic.com/css/redesign/main.css?v=03.22.24.5
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 426484
cf-polished: origFmt=png, origSize=72
content-disposition: inline; filename="h4-bg.webp"
content-length: 38
cf-bgj: imgq:85,h2pri
last-modified: Sat, 04 Mar 2017 20:46:52 GMT
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iwahLDNm9yZYKP2o4dHixgUXh%2FgC01BcIMhEe6RGPS6HqdE6hUmSATHs81noFXh3VTSfVFB83TpiwSd0raL517ynFbrnPuhcZj6lDMvqVfaoxaSc5xjA3%2B9N3k1IBGd9vJIvI3I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8aadd3f2bf29ac9c-YYZ
expires: Fri, 23 Aug 2024 16:06:03 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 220ms
76ms Font
font/woff2 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 20:09:26 GMT
x-content-type-options: nosniff
age: 239081
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Jul 2025 20:09:26 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 182ms
38ms Font
font/woff2 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 19:36:34 GMT
x-content-type-options: nosniff
age: 68253
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 28 Jul 2025 19:36:34 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 210ms
66ms Font
font/woff2 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 21:55:42 GMT
x-content-type-options: nosniff
age: 59905
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 28 Jul 2025 21:55:42 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 174ms
30ms Font
font/woff2 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 09:55:32 GMT
x-content-type-options: nosniff
age: 189515
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Jul 2025 09:55:32 GMT

GET
H2 200 configs
d.pub.network/v2/sites/bleepingcomputer-com/ 84 KB
8 KB 183ms
54ms Other
application/json 34.160.152.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://d.pub.network/v2/sites/bleepingcomputer-com/configs?env=PROD

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/proofpoint-settings-exploited-to-send-millions-of-phishing-emails-daily/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

31.152.160.34.bc.googleusercontent.com

Software

Resource Hash

3f7b716c3dc8cf73f2ca3aef90cbe6d6ed3299e3b3191ff7782bde9da3df018d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:07 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=31536000
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 psLoader.js Show response
cds.connatix.com/p/514916/ Frame B8BF 7 KB
3 KB 38ms
33ms Script
application/javascript 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/514916/psLoader.js
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54c941d0d2e68fdacc5a1a2e4b31137726e2105f4d0f9d5a8fe4cec9674439bb

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:07 GMT
content-encoding: br
x-amz-version-id: CnWzQ25JDEP.7qC5ILIM0hofEFb73zmS
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 2256
last-modified: Mon, 29 Jul 2024 13:29:06 GMT
server: cloudflare
etag: "3e23a5f266a44603f66ee4c68f1b990f"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
accept-ranges: bytes
cf-ray: 8aadd3f3ded8ac3f-YYZ
access-control-allow-headers: range
expires: Tue, 29 Jul 2025 14:34:07 GMT

GET
H3 200 favicon.ico
ad.doubleclick.net/ 1 KB
130 B 127ms
35ms Image
image/x-icon 64.233.180.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/proofpoint-settings-exploited-to-send-millions-of-phishing-emails-daily/

Protocol

Security

QUIC, , AES_128_GCM

Server

64.233.180.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

on-in-f149.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:27:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 415
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 30 Jul 2024 14:27:12 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 990 B
1 KB 131ms
39ms Image
image/svg+xml 23.52.9.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/proofpoint-settings-exploited-to-send-millions-of-phishing-emails-daily/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.9.200 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-9-200.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: Wed, 28 Aug 2024 14:34:07 GMT
date: Mon, 29 Jul 2024 14:34:07 GMT
last-modified: Sun, 25 Feb 2024 08:33:18 GMT
server: AkamaiNetStorage
etag: "5ab8e16b5f46213840bcd403e349419c:1708851030.144644"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 990
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H2 200 jquery.fancybox.css
www.bleepstatic.com/js/redesign/fancybox/ 4 KB
2 KB 35ms
33ms Stylesheet
text/css 172.67.75.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/redesign/fancybox/jquery.fancybox.css
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/proofpoint-settings-exploited-to-send-millions-of-phishing-emails-daily/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e86593083facba2710a2312f26bd7b436d7ef299f99cbc2ccc1b32693ec3144

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 412
cf-polished: origSize=4895
cf-bgj: minify
last-modified: Wed, 14 Oct 2015 20:25:51 GMT
server: cloudflare
etag: W/"9108074"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZKEpXtVSNxICUpy62%2BPv40UQ6T121Ti9GoVY5vq%2FuwbxOyXKj4s26xv9LGmcngYum8%2F7RLfFc4NC4GNRuK9uzEi30cSw73QtXG723Bla2PMFpJQ2m7wK%2Bka7G5NkhLfgH9QxJS0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 8aadd3f468e5ac9c-YYZ
expires: Mon, 03 Jun 2024 14:55:03 GMT

GET
H2 200 fontawesome.min.css
www.bleepstatic.com/redesign/fontawesome6/css/ 79 KB
17 KB 33ms
32ms Stylesheet
text/css 172.67.75.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/redesign/fontawesome6/css/fontawesome.min.css
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/proofpoint-settings-exploited-to-send-millions-of-phishing-emails-daily/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 863ab50a39fc203ca8f614cef14c6cc700ee64bfeacd41426dce9ef8cbd98509

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:07 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4674
content-length: 17356
last-modified: Mon, 14 Nov 2022 22:35:03 GMT
server: cloudflare
etag: "2038534161"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bmIo91uvH9g5yEm9UYrm655IdV0ExQwcbrTpN3DXggTpiAZbROyRxTjTQ1zKt8tlTU%2Bvenlllo%2F3L9E6aeUWaxH9SsPAT7TPvmigsJzSkaA1errCK8koejW37Vnts2qN%2BTfy52w%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3024000
accept-ranges: bytes
cf-ray: 8aadd3f468e6ac9c-YYZ
expires: Wed, 03 Apr 2024 19:14:36 GMT

GET
H2 200 brands.min.css
www.bleepstatic.com/redesign/fontawesome6/css/ 18 KB
5 KB 34ms
34ms Stylesheet
text/css 172.67.75.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/redesign/fontawesome6/css/brands.min.css
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/proofpoint-settings-exploited-to-send-millions-of-phishing-emails-daily/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7e925f6192a3f7907621f9dde8afc47752d671d4a796f2cd5a53cfbc07c214b

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:07 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 981
content-length: 4725
last-modified: Mon, 14 Nov 2022 22:34:45 GMT
server: cloudflare
etag: "2013745295"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E61scjaABuotFxVaQje0ztiUV51Q13D%2BYUFB3umZ1J1NwYom4pYsMiBKxxNREHLlEwUamLa6xeYyHlBpe460D70WyxjbwVCj8qkRZQVE4a3tYiqSNHwvuELvkR9wAnQG2593OPM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3024000
accept-ranges: bytes
cf-ray: 8aadd3f468e7ac9c-YYZ
expires: Mon, 03 Jun 2024 14:51:55 GMT

GET
H2 200 solid.min.css
www.bleepstatic.com/redesign/fontawesome6/css/ 572 B
662 B 35ms
35ms Stylesheet
text/css 172.67.75.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/redesign/fontawesome6/css/solid.min.css
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/proofpoint-settings-exploited-to-send-millions-of-phishing-emails-daily/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a5d218c8e40dc33b9a0c27b49c2a5d0c9696ea53ee6371882d348a31116ae9b

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:07 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 981
content-length: 325
last-modified: Mon, 14 Nov 2022 22:34:55 GMT
server: cloudflare
etag: "508050520"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fx%2BgX6gzMwmhYvFwCYJfr%2BXm0D4OekvZL226u3x63antvEY1c%2F93zt%2Farm4IC8XTHFHA4jwtvh5P9kpN3e81uETAd4yqx7NXYedHaKzsyimUkUNlFQ2FKAHpoPPBR5TmmXT31zc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3024000
accept-ranges: bytes
cf-ray: 8aadd3f468e8ac9c-YYZ
expires: Wed, 24 Apr 2024 06:24:07 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407240101/ 424 KB
143 KB 118ms
117ms Script
text/javascript 142.251.111.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407240101/show_ads_impl_fy2021.js?bust=31085601

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.111.155 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f155.1e100.net

Software

cafe /

Resource Hash

04a91f06850a23f4fde6e9f51bf1b4465e71d988176d91233c4dbcc25f4ec9e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 146361
x-xss-protection: 0
server: cafe
etag: 5547402725885049034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Jul 2024 14:34:07 GMT

GET
H2 200 fa-solid-900.woff2
www.bleepstatic.com/redesign/fontawesome6/webfonts/ 147 KB
147 KB 109ms
58ms Font
application/octet-stream 172.67.75.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/redesign/fontawesome6/webfonts/fa-solid-900.woff2
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/redesign/fontawesome6/css/solid.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d27bc752105c079f8a516e9142406a9fc12cbb409f9bf8681f2ddfe0360b52a6

Request headers

Referer: https://www.bleepstatic.com/redesign/fontawesome6/css/solid.min.css
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:07 GMT
cf-cache-status: HIT
last-modified: Mon, 14 Nov 2022 22:33:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 980
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GpnlIZCloifnKJ9hKK1lHBhTXVH%2Fiu5UN3i1o7coYGsTp15H0hqpuxuW9KI8TL63C%2BCEqosWqjTJH%2BrppOxta924wBQtYfFxBCt%2Ba5ebEvSuAiUPPz0a2M9%2Bve3jDqZvPBa3qnk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 8aadd3f52de9aaba-YYZ
content-length: 150472

GET
H2 200 fa-brands-400.woff2
www.bleepstatic.com/redesign/fontawesome6/webfonts/ 105 KB
106 KB 83ms
32ms Font
application/octet-stream 172.67.75.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/redesign/fontawesome6/webfonts/fa-brands-400.woff2
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/redesign/fontawesome6/css/brands.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fe890d088ecf0cc9bc1b9069201e52972dbad6237865524090e15982d0de718

Request headers

Referer: https://www.bleepstatic.com/redesign/fontawesome6/css/brands.min.css
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:07 GMT
cf-cache-status: HIT
last-modified: Mon, 14 Nov 2022 22:32:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 980
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=21UDLBsTl6o28RjJoi7XtYlid%2FUCxM5V10Jmj67vuFkaxwWRJ3iziNwlgnR09uXq7RXBv5YmpK5dq4fTRNcBMyzbDW9H0kKyTmSflJBjTFsqL0VjDw3BQcgE9wNF5vGGs4GCVsU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 8aadd3f52debaaba-YYZ
content-length: 107460

GET
H2 200 292x176_WhatsApp.jpg
www.bleepstatic.com/content/hl-images/2022/05/31/thumb/ 15 KB
16 KB 34ms
32ms Image
image/jpeg 172.67.75.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/content/hl-images/2022/05/31/thumb/292x176_WhatsApp.jpg
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/proofpoint-settings-exploited-to-send-millions-of-phishing-emails-daily/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fa9f2abb46b1a8feee43be9a545c6bbb4fc031347a4ddc0d5e483e651a99cfb

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 122321
cf-polished: degrade=85, origSize=61744, status=webp_bigger
content-length: 15671
cf-bgj: imgq:85,h2pri
last-modified: Tue, 31 May 2022 22:46:41 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OhBXreaGBFySmuqYVVgz2e4SlUyrXOlO974AKdGy8cJ76S5ZFwSIGKkTlyMqrhM%2FYCfM9dXtbNTETV8Rioj1Kf%2F5y8Yp7vn2t6absjGfxyeEWKNv14HpzNu7GhCT814Db5mHbEg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8aadd3f4d957ac9c-YYZ
expires: Tue, 27 Aug 2024 04:35:26 GMT

GET
H2 200 292x176_Windows11.jpg
www.bleepstatic.com/content/hl-images/2024/07/18/thumb/ 8 KB
8 KB 35ms
33ms Image
image/webp 172.67.75.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/content/hl-images/2024/07/18/thumb/292x176_Windows11.jpg
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/proofpoint-settings-exploited-to-send-millions-of-phishing-emails-daily/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ed330707f931faa8dc2b80055652e933d053e7da098beb9d401b4ecc2e442c0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 78148
cf-polished: qual=85, origFmt=jpeg, origSize=41490
content-disposition: inline; filename="292x176_Windows11.webp"
content-length: 8234
cf-bgj: imgq:85,h2pri
last-modified: Thu, 18 Jul 2024 14:24:49 GMT
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7RP%2BATErI%2FTQgASUKHNHuk0g8z2z6iZ041rUnfts8GjcomaIRIzT4aUg%2B%2FVFkBPAChrJ5Ed50YWL%2Bv6R%2BldmRoQ6u60tCUqSRHlM3dcyudWmo6k2iflw2ESrrRSlJjQLxvX1NsQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8aadd3f4d958ac9c-YYZ
expires: Tue, 27 Aug 2024 16:51:39 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 118ms
37ms Fetch
text/plain 2607:f8b0:400d:c07::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-GD465VRQLD&gtm=45je47o0v878037826za200&_p=1722263647122&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250753&cid=1696872600.1722263648&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1722263647&sct=1&seg=0&dl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fproofpoint-settings-exploited-to-send-millions-of-phishing-emails-daily%2F&dt=Proofpoint%20settings%20exploited%20to%20send%20millions%20of%20phishing%20emails%20daily&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=925
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GD465VRQLD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400d:c07::65 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jul 2024 14:34:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 connatix.playspace.js Show response
cds.connatix.com/p/514916/ Frame B8BF 456 KB
107 KB 36ms
35ms Script
application/javascript 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/514916/connatix.playspace.js
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/514916/psLoader.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7686d08289fc69c41960ad5cade1396148d0d2381fd6d7c6c2293ceb0834c8e

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:07 GMT
content-encoding: br
x-amz-version-id: Q2HbKpLNrUtXBLlm43CoZSBmuI41wOk_
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 109077
last-modified: Mon, 29 Jul 2024 13:29:05 GMT
server: cloudflare
etag: "9711355a8ed019f185f6786899e037d2"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
accept-ranges: bytes
cf-ray: 8aadd3f568ffac3f-YYZ
access-control-allow-headers: range
expires: Tue, 29 Jul 2025 14:34:07 GMT

GET
H/1.1 200
OK spc_fi.php Show response
cdn.firstimpression.io/delivery/ 39 KB
8 KB 186ms
107ms XHR
application/json 18.160.46.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.firstimpression.io/delivery/spc_fi.php?id=5971&url=%2Fnews%2Fsecurity%2Fproofpoint-settings-exploited-to-send-millions-of-phishing-emails-daily%2F&charset=UTF-8&ch=7&ref=www.bleepingcomputer.com&viewerId=null&referer=&_firid=37461234
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.46.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-46-100.iad55.r.cloudfront.net
Software: Apache/2.4.38 (Debian) /
Resource Hash: 3c9f70c0ad7a85b11341995f3ad37b927a55855fcd2077e8e4266d80cb129a7c

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Mon, 29 Jul 2024 14:34:07 GMT
Content-Encoding: gzip
Via: 1.1 9c13d38452f2017c92d65c8904408686.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: IAD55-P2
X-Cache: Miss from cloudfront
P3P: CP="CUR ADM OUR NOR STA NID"
Connection: keep-alive
Content-Length: 7806
Pragma: no-cache
Server: Apache/2.4.38 (Debian)
Vary: Accept-Encoding
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
X-Amz-Cf-Id: eowJrYxEaePuFMce2oVXsqek2HZdEa3wK0M2fxs0w7LR7EP8l2wZ5A==
Expires: 0

GET
H3 200 / Show response
optimise.net/ 6 KB
6 KB 72ms
51ms Fetch
application/json 34.111.152.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://optimise.net/?k=0&d=bleepingcomputer.com&t=desktop&c=CA

Requested by

Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

239.152.111.34.bc.googleusercontent.com

Software

Resource Hash

5f8ac9a97ef9c0cbf4cb74d3c651b3bdd443fa86c146ed1ada3061390cc464a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
x-api-key: 4e799501-b8b6-4ef1-bad5-225b3dd1aa8d

Response headers

date: Mon, 29 Jul 2024 14:34:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
fs-client-rtt: 16
fs-country: CA
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma: no-cache
access-control-max-age: 3600
access-control-allow-methods: ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-expose-headers: fs-client-rtt,fs-country
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
expires: 0

OPTIONS
H2 200 /
optimise.net/ Frame 0
0 192ms
118ms Preflight 34.111.152.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://optimise.net/?k=0&d=bleepingcomputer.com&t=desktop&c=CA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

239.152.111.34.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-api-key
Access-Control-Request-Method: GET
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
access-control-allow-methods: ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-expose-headers: fs-client-rtt,fs-country
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
date: Mon, 29 Jul 2024 14:34:07 GMT
expires: 0
fs-client-rtt: 16
fs-country: CA
pragma: no-cache
strict-transport-security: max-age=31536000
via: 1.1 google

GET
H3 200 playspace.renderer.js Show response
cds.connatix.com/p/514916/ Frame B8BF 274 KB
63 KB 42ms
41ms Script
application/javascript 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/514916/playspace.renderer.js
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/514916/connatix.playspace.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc2e76e4fc48c118d1a66fc26d3d2b573b360a112045eb53cb230346c1f1688c

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:07 GMT
content-encoding: br
x-amz-version-id: koGLy6TThFvDA2rC1Oi9pTGSPoyBncHJ
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 63763
last-modified: Mon, 29 Jul 2024 13:29:06 GMT
server: cloudflare
etag: "5f1f46b10cb2adafc840d506e2ae2aa4"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
accept-ranges: bytes
cf-ray: 8aadd3f669d1ac3f-YYZ
access-control-allow-headers: range
expires: Tue, 29 Jul 2025 14:34:07 GMT

GET
H3 200 playspace.hls.js Show response
cds.connatix.com/p/514916/ Frame B8BF 289 KB
75 KB 60ms
60ms Script
application/javascript 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/514916/playspace.hls.js
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/514916/connatix.playspace.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9dca59a7344d2ef98a0c5a2e54cd42f4fb3890d530853a2500f847d640278e5a

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:07 GMT
content-encoding: br
x-amz-version-id: DMo4hz.5FWmWN5ydehbkSzq6WuD5RMO_
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 76424
last-modified: Mon, 29 Jul 2024 13:29:06 GMT
server: cloudflare
etag: "b9bc08d0a5274dee0fbdcfce098fab9b"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
accept-ranges: bytes
cf-ray: 8aadd3f669d4ac3f-YYZ
access-control-allow-headers: range
expires: Tue, 29 Jul 2025 14:34:07 GMT

GET
H3 200 cSyncRemoteEntry.js Show response
cds.connatix.com/p/514916/ Frame B8BF 3 KB
2 KB 33ms
33ms Script
application/javascript 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/514916/cSyncRemoteEntry.js
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/514916/connatix.playspace.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04ceb0aa4be910d943f6e6405f3b4fcb31fb1844f48bbc8e8ebe761fd1773724

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:07 GMT
content-encoding: br
x-amz-version-id: CxATVehU1ypo8Ss.NgLf4mxKTk9nHzNP
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 1392
last-modified: Mon, 29 Jul 2024 13:29:05 GMT
server: cloudflare
etag: "31936116f3f83d7abcaeb434715a5ff7"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
accept-ranges: bytes
cf-ray: 8aadd3f669d8ac3f-YYZ
access-control-allow-headers: range
expires: Tue, 29 Jul 2025 14:34:07 GMT

GET
H3 200 connatix.playspace.css
cds.connatix.com/p/514916/ 117 KB
14 KB 33ms
32ms Stylesheet
text/css 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/514916/connatix.playspace.css
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/514916/connatix.playspace.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4aef8354ee5b81b1fab7d69f14bd265b2d8b62aa92b8b4807959835140acf1d

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:07 GMT
content-encoding: br
x-amz-version-id: _fA6M12qm.HcnvGR6LlECNP1w3BH057D
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 14369
last-modified: Mon, 29 Jul 2024 13:29:05 GMT
server: cloudflare
etag: "48245a5aff3aecfadbea8d2eb241f8de"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: text/css
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
accept-ranges: bytes
cf-ray: 8aadd3f669e1ac3f-YYZ
access-control-allow-headers: range
expires: Tue, 29 Jul 2025 14:34:07 GMT

GET
H3 200 playspace.ads.js Show response
cds.connatix.com/p/514916/ Frame B8BF 401 KB
90 KB 58ms
58ms Script
application/javascript 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/514916/playspace.ads.js
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/514916/connatix.playspace.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93d0008df2648e065daaabc9376b08be9ecb5bd136d7b0520cce4f5e69329c08

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:07 GMT
content-encoding: br
x-amz-version-id: 5T8ZStCFjDcL4UVKCfAj07wxNOmxTvrm
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 91594
last-modified: Mon, 29 Jul 2024 13:29:05 GMT
server: cloudflare
etag: "dd768bff24e0c3fdf1d36c71b8559d8a"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
accept-ranges: bytes
cf-ray: 8aadd3f669e2ac3f-YYZ
access-control-allow-headers: range
expires: Tue, 29 Jul 2025 14:34:07 GMT

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240724/r20110914/ Frame 4BC0 0
0 101ms
32ms Document
text/html 172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240724/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407240101/show_ads_impl_fy2021.js?bust=31085601

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

age: 79968
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4142
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 28 Jul 2024 16:21:19 GMT
etag: 2738592464165616
expires: Sun, 11 Aug 2024 16:21:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 95ms
94ms Image
image/gif 142.251.111.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=HEADER&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/proofpoint-settings-exploited-to-send-millions-of-phishing-emails-daily/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.111.155 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f155.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jul 2024 14:34:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame D4FB 0
0 146ms
100ms Document
text/html 172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&adk=1812271804&adf=3025194257&abgtt=1&lmt=1722261118&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fproofpoint-settings-exploited-to-send-millions-of-phishing-emails-daily%2F&pra=7&wgl=1&easpi=0&aihb=0&asro=0&ailel=27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aiael=27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aifxl=27_9~30_19&aiixl=27_3~30_6&aslmct=0.7&asamct=0.7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1722263647457&bpp=2&bdt=524&idt=306&shv=r20240724&mjsv=m202407240101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=519133147969&frm=20&pv=2&ga_vid=1696872600.1722263648&ga_sid=1722263648&ga_hid=1431518972&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531513%2C44795922%2C95334526%2C95334828%2C95337868%2C95338263%2C31085601%2C95336521%2C95336266%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2152050457257817&tmod=600057823&uas=0&nvt=1&fsapi=1&fc=896&brdim=1430%2C1170%2C1430%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=333

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407240101/show_ads_impl_fy2021.js?bust=31085601

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 66
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jul 2024 14:34:07 GMT
expires: Mon, 29 Jul 2024 14:34:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK / Show response
tag.escalated.io/ 63 KB
26 KB 151ms
43ms Script
application/javascript 18.189.4.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.escalated.io/?i=KxxajmhPPCsT&d=www.bleepingcomputer.com&type=display&cust=5971&sid=direct&c=&cust2=direct
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.189.4.224 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-189-4-224.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 10bfeb1a7b0a161f0714bb2e3b6fd453706891e1b169b7010b0c4707e5311386

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Mon, 29 Jul 2024 14:34:07 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Jun 2024 18:19:17 GMT
Server: nginx
ETag: W/"6679b8a5-fb74"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H3 200 295.js Show response
cds.connatix.com/p/514916/ Frame B8BF 67 KB
18 KB 43ms
43ms Script
application/javascript 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/514916/295.js
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/514916/cSyncRemoteEntry.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f16253045d722e1dc4ba2b6c101041428dbde1c8c5747c4d9b840bdd23052bad

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:07 GMT
content-encoding: br
x-amz-version-id: o1cBxhBM_RX7JpUmu1qjdyCBrBXVPG8d
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 17931
last-modified: Mon, 29 Jul 2024 13:29:05 GMT
server: cloudflare
etag: "df1761b435c846976c1270e96d9f1666"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
accept-ranges: bytes
cf-ray: 8aadd3f70a6bac3f-YYZ
access-control-allow-headers: range
expires: Tue, 29 Jul 2025 14:34:07 GMT

GET
H3 200 229.js Show response
cds.connatix.com/p/514916/ Frame B8BF 10 KB
3 KB 42ms
41ms Script
application/javascript 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/514916/229.js
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/514916/cSyncRemoteEntry.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f28548cfc898a4f145256357adefc072c39b2928ee3330ea4845dd34c185f94

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:07 GMT
content-encoding: br
x-amz-version-id: RsgLOCpRR632.N3WqKepKpLzdv25L2lz
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 3107
last-modified: Mon, 29 Jul 2024 13:29:05 GMT
server: cloudflare
etag: "b3bf256682ffbc34b96bd81d817e906f"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
accept-ranges: bytes
cf-ray: 8aadd3f70a6cac3f-YYZ
access-control-allow-headers: range
expires: Tue, 29 Jul 2025 14:34:07 GMT

GET
H3 200 402.js Show response
cds.connatix.com/p/514916/ Frame B8BF 3 KB
1 KB 43ms
42ms Script
application/javascript 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/514916/402.js
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/514916/cSyncRemoteEntry.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d2a3f4db9364ad6b2d1e2c6a70fb215fc2ecd16671788d08e1ce22cf5185761

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:07 GMT
content-encoding: br
x-amz-version-id: UYv4JKCWELP3mN6n6WsCd6WBQ_wFk8Pf
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 1150
last-modified: Mon, 29 Jul 2024 13:29:05 GMT
server: cloudflare
etag: "e032470ebdaafc55fe906c2e09cea247"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
accept-ranges: bytes
cf-ray: 8aadd3f70a6dac3f-YYZ
access-control-allow-headers: range
expires: Tue, 29 Jul 2025 14:34:07 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
31 KB 193ms
118ms Script
text/javascript 209.85.232.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.232.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qt-in-f156.1e100.net

Software

cafe /

Resource Hash

f325ab78ef25034bd02bb7965c1612ebee48b2b97bc5f40172dee6873d44afac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31570
x-xss-protection: 0
server: cafe
etag: 808 / 19933 / m202407230101 / config-hash: 15957915228306808542
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 29 Jul 2024 14:34:08 GMT

GET
H3 200 pubfig.engine.js Show response
a.pub.network/core/pubfig/5.84.8/ 381 KB
109 KB 47ms
45ms Script
text/javascript 104.18.20.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.pub.network/core/pubfig/5.84.8/pubfig.engine.js

Requested by

Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59acb0309b7b2701242fe053444f081f0116aad38c203b0a66593b6c8112226b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
age: 234025
x-guploader-uploadid: AHxI1nPUuAZxd2bN9jHDCMfd7GpBTpKse3aB1LQFKqbHYtAaLoyAq-fxTf7x_YFSIArKn5AyCA0B78r9Eg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 26 Jul 2024 21:00:53 GMT
server: cloudflare
etag: W/"4f6027e7388861f7d285e8ee4b8967b5"
vary: Accept-Encoding
x-goog-generation: 1722027653372773
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=3Tyn4Q==, md5=T2An5ziIYffShejuS4lntQ==
access-control-expose-headers: *
cache-control: public, max-age=3600
x-goog-stored-content-length: 390426
cf-ray: 8aadd3f76e4dab4b-YYZ
expires: Mon, 29 Jul 2024 15:34:07 GMT

GET
H3

200

sync Show response
capi.connatix.com/core/ Frame B8BF
Redirect Chain

https://capi.connatix.com/core/sync
https://capi.connatix.com/core/sync?tier=1&final=true&UseUserScore=Yes&LiveIntentCnxUserId=&ImplementationType=0&ClientAb2=0

7 KB
3 KB

66ms
65ms

XHR
application/json

172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/sync?tier=1&final=true&UseUserScore=Yes&LiveIntentCnxUserId=&ImplementationType=0&ClientAb2=0
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/proofpoint-settings-exploited-to-send-millions-of-phishing-emails-daily/
Protocol: H3
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb05db78d92f1541454725f7452868f9994d9443d360b706f8bea5d0e2bf0eb9

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:08 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 8aadd3f7fb2fac3f-YYZ
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 2702
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Mon, 29 Jul 2024 14:34:07 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/x-protobuf
location: https://capi.connatix.com:443/core/sync?tier=1&final=true&UseUserScore=Yes&LiveIntentCnxUserId=&ImplementationType=0&ClientAb2=0
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 8aadd3f78aceac3f-YYZ
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 27
alt-svc: h3=":443"; ma=86400

POST
H3 200 story Show response
capi.connatix.com/core/ Frame B8BF 37 KB
16 KB 115ms
107ms XHR
application/x-protobuf 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/story?v=514916
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/514916/connatix.playspace.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed62e48f5893bdd45db6aa24f7bf4424d5e82804c3b7d9d2ae54feb0e4b4decb

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Mon, 29 Jul 2024 14:34:08 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/x-protobuf
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 8aadd3f78acfac3f-YYZ
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc: h3=":443"; ma=86400

GET
H3 200 config.js Show response
cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/ 93 KB
21 KB 117ms
34ms Script
text/javascript 104.18.20.97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.84.8/pubfig.engine.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.20.97 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f26bb5cf209deae03231b846150e981c62ddcdf9e8520592eaaf5da8609e88a

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:08 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 67JWV6J3HK7EVVVE
age: 516
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 20776
x-amz-id-2: GxigadjnzYj4hjm/RZiMi7usrEG4ivCCnsii3L0SC2S9yAHFi5Oe1fm5lifzwVh347j4Labbrlo=
last-modified: Mon, 29 Jul 2024 14:20:39 GMT
server: cloudflare
etag: "4e933c7d106770adc375dfdd89cac913"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
cf-ray: 8aadd3f89bfa36bb-YYZ

GET
H2

200

tag Show response
btloader.com/
Redirect Chain

https://freestar-io.videoplayerhub.com/gallery.js
https://btloader.com/tag?h=freestar-io&upapi=true

55 KB
19 KB

106ms
34ms

Script
application/javascript

2606:4700:10::6816:4ad8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?h=freestar-io&upapi=true
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/proofpoint-settings-exploited-to-send-millions-of-phishing-emails-daily/
Protocol: H2
Server: 2606:4700:10::6816:4ad8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8fc7c2861131f1a9411019e8b2cf15d0941ba88e909fa9067967bafef923e1c

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:08 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Mon, 29 Jul 2024 14:05:12 GMT
server: cloudflare
age: 1736
etag: "ce83cb103f13cdb58383f4c567be269d"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges: bytes
cf-ray: 8aadd3f95a1436d8-YYZ
content-length: 18694

Redirect headers

date: Mon, 29 Jul 2024 14:34:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2gNLM58AYqdIaUHA3DsNymuwf67R0Aho6MAQjGw5QL0U2z%2BdVrU7pJThdAnxmbwWH1lM9KZnSLhgbXrcTcFv5K9%2F%2BRQrK%2BVMvnILN7gUnON3XcUcHz%2Bt%2F0ClwJhtSit8bQh%2BXwjMfMaeGJbESLCEUPp%2F5IcoZVH0IW0S8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://btloader.com/tag?h=freestar-io&upapi=true
cache-control: max-age=3600
cf-ray: 8aadd3f87f00ac84-YYZ
content-length: 167
expires: Mon, 29 Jul 2024 15:34:08 GMT

GET
H3 200 prebid-analytics-8.49.5.js Show response
a.pub.network/core/ 594 KB
198 KB 71ms
69ms Script
text/html 104.18.20.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.pub.network/core/prebid-analytics-8.49.5.js

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.84.8/pubfig.engine.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e9fd3af94826cb54d36da11be4f5d4fb45e57f49876977c49fc7198b30e1c84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
age: 61224
x-guploader-uploadid: AHxI1nMgucbXnBWQlGQqXgHgdsQmsbv9mwSZF7Ji6iabGdTo6nsk_YV6q8W9Q4uSo5Y327uS2b7EvBg9KA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 17 Jul 2024 09:51:50 GMT
server: cloudflare
etag: W/"7223ca93e809f47cc34fe17ce8952aa5"
vary: Accept-Encoding
x-goog-generation: 1721209910687321
content-type: text/html
access-control-allow-origin: *
x-goog-hash: crc32c=4h4jsg==, md5=ciPKk+gJ9HzDT+F86JUqpQ==
access-control-expose-headers: *
cache-control: public, max-age=31474776
x-goog-stored-content-length: 608747
cf-ray: 8aadd3f82ef4ab4b-YYZ
expires: Mon, 28 Jul 2025 21:33:44 GMT

GET
H3 200 analytics.min.js Show response
a.pub.network/core/analytics/1.4.2/ 13 KB
6 KB 35ms
34ms Script
application/javascript 104.18.20.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.pub.network/core/analytics/1.4.2/analytics.min.js

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.84.8/pubfig.engine.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88d7805a74ac5f036bb47930e6555f1656da22187e5f5e1376bf6ac29a0f7bac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
age: 234026
x-guploader-uploadid: AHxI1nPS2eh2tgeDbK4asCsGMi3cp0473XEuajEAevWBdNRcVsfpity4Bd3OUJIVK3xwmpsz7258aad9Ww
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 22 May 2024 13:59:25 GMT
server: cloudflare
etag: W/"35dcda30703508261b9c4d8f98f94a6a"
vary: Accept-Encoding
x-goog-generation: 1716386365851052
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=vucjuw==, md5=NdzaMHA1CCYbnE2PmPlKag==
access-control-expose-headers: *
cache-control: public, max-age=3600
x-goog-stored-content-length: 13601
cf-ray: 8aadd3f82ef6ab4b-YYZ
expires: Mon, 29 Jul 2024 15:34:08 GMT

GET
H3 200 insights.bin Show response
ins.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/d79a5a67-7a4f-4ab3-9248-45e8e8865c9d/ Frame B8BF 468 B
559 B 80ms
39ms XHR
application/x-protobuf 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/d79a5a67-7a4f-4ab3-9248-45e8e8865c9d/insights.bin
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/514916/connatix.playspace.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 942f1964307ee1d461203bbd688e4bba08186a3e4dde9900cf0565f7608cd192

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 29 Jul 2024 12:38:22 GMT
server: cloudflare
etag: W/"ac52398008ce606c5d9cb7566fc8ebae"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/x-protobuf
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
vary: Accept-Encoding
cf-ray: 8aadd3f89a92abb5-YYZ
alt-svc: h3=":443"; ma=86400
expires: Tue, 29 Jul 2025 14:34:08 GMT

GET
H3 200 playspace.iframe.integration.destroy.js Show response
cds.connatix.com/p/514916/ Frame B8BF 737 B
744 B 46ms
45ms Script
application/javascript 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/514916/playspace.iframe.integration.destroy.js
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/514916/connatix.playspace.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87ed2d6930b5010994c63cd7908ab44a6cdded82008f41b82aa5f82278e8e89a

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:08 GMT
content-encoding: br
x-amz-version-id: Jw_YX2Nvzg3eticH14x4XqU35W5tYqfX
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 375
last-modified: Mon, 29 Jul 2024 13:29:06 GMT
server: cloudflare
etag: "bf26437ee7e8af2159eb5bf33b50aef3"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
accept-ranges: bytes
cf-ray: 8aadd3f85ba4ac3f-YYZ
access-control-allow-headers: range
expires: Tue, 29 Jul 2025 14:34:08 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 insights.bin Show response
ins.connatix.com/6395b2b6bf565c715db794d107963385/ Frame B8BF 540 B
637 B 49ms
36ms XHR
application/x-protobuf 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.connatix.com/6395b2b6bf565c715db794d107963385/insights.bin
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/514916/connatix.playspace.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b9969459516e82d0d53b277fc746f7212aa3748db9c4a1a7f88c2f7b064f18

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 29 Jul 2024 13:52:57 GMT
server: cloudflare
etag: W/"9a02572269efe76795ee7fcf57887892"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/x-protobuf
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
vary: Accept-Encoding
cf-ray: 8aadd3f89a90abb5-YYZ
alt-svc: h3=":443"; ma=86400
expires: Tue, 29 Jul 2025 14:34:08 GMT

GET
H3

200

cks Show response
cks.connatix.com/
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=190549&cb=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D17%26ev%3D78df222c951d49d285835a54b03a47fb%26pname%3DIndex%26api-tier%3D1%26uid%3D&gdpr=0
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D17%26ev%3D78df222c951d49d285835a54b03a47fb%26pname%3DIndex%26api-tier%3D1%26uid%3D&gdpr=0&s=190549&C=1
https://cks.connatix.com/cks?pid=17&ev=78df222c951d49d285835a54b03a47fb&pname=Index&api-tier=1&uid=ZqeoYNHM6b0AAHK7AG2t4gAA%263617

139 B
254 B

38ms
38ms

Script
application/javascript

172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=17&ev=78df222c951d49d285835a54b03a47fb&pname=Index&api-tier=1&uid=ZqeoYNHM6b0AAHK7AG2t4gAA%263617
Requested by: Host: blank
URL: about:blank
Protocol: H3
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 209b9add66386ba6e93616e6b657362cc169bb4eaf141e8db924376f14c5d583

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:08 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 8aadd3fa6da3ac3f-YYZ
alt-svc: h3=":443"; ma=86400

Redirect headers

pragma: no-cache
date: Mon, 29 Jul 2024 14:34:08 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tgu3CWGkvuqYqK9%2BJHlFzjWeIJIMhgFkPiT6J%2BcEp5it9T%2FzXxpXXBAK%2FuTywiOMwgIRo3P8D0YQTOnHJRWqdQg2v%2B%2FBT4c%2BzVFZs2%2BGyimD%2FqVRDhl%2BFw1EH2vgHco4Vc35SO%2Fq"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cks.connatix.com/cks?pid=17&ev=78df222c951d49d285835a54b03a47fb&pname=Index&api-tier=1&uid=ZqeoYNHM6b0AAHK7AG2t4gAA%263617
cache-control: no-cache
cf-ray: 8aadd3f9bcb33a09-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

cks Show response
cks.connatix.com/
Redirect Chain

https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D15%26ev%3D78df222c951d49d285835a54b03a47fb%26pname%3DBeeswax%26api-tier%3D1%26uid%3D%7Buserid%7D&g...
https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D15%26ev%3D78df222c951d49d285835a54b03a47fb%26pname%3DBeeswax%26api-tier%3D1%26uid%3D%7Buserid%7D&g...
https://cks.connatix.com/cks?pid=15&ev=78df222c951d49d285835a54b03a47fb&pname=Beeswax&api-tier=1&uid=AAB8GE7NT1EAABTTJk3Eug&gdpr=0

132 B
246 B

34ms
34ms

Script
application/javascript

172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=15&ev=78df222c951d49d285835a54b03a47fb&pname=Beeswax&api-tier=1&uid=AAB8GE7NT1EAABTTJk3Eug&gdpr=0
Requested by: Host: blank
URL: about:blank
Protocol: H3
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7480ccfb32e034f954e89594e862ed1c34bdd907146befcd3493339a4295e8a1

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:08 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 8aadd3fa8dbbac3f-YYZ
alt-svc: h3=":443"; ma=86400

Redirect headers

location: https://cks.connatix.com/cks?pid=15&ev=78df222c951d49d285835a54b03a47fb&pname=Beeswax&api-tier=1&uid=AAB8GE7NT1EAABTTJk3Eug&gdpr=0
Date: Mon, 29 Jul 2024 14:34:08 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H3

200

cks Show response
cks.connatix.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gapzaid&ttd_tpi=1&gdpr=0
https://match.adsrvr.org/track/cmb/generic?ttd_pid=gapzaid&ttd_tpi=1&gdpr=0
https://cks.connatix.com/cks?pid=19&uid=251a112c-bbcc-4012-b6a7-76f11841de2a&ttl=1724855648

146 B
255 B

40ms
39ms

Script
application/javascript

172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=19&uid=251a112c-bbcc-4012-b6a7-76f11841de2a&ttl=1724855648
Requested by: Host: blank
URL: about:blank
Protocol: H3
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fecf8a3709ca731c038b7c2e0393b0395f0195a97576b1942812331b9883ed0d

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:08 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 8aadd3fa6d9fac3f-YYZ
alt-svc: h3=":443"; ma=86400

Redirect headers

location: https://cks.connatix.com/cks?pid=19&uid=251a112c-bbcc-4012-b6a7-76f11841de2a&ttl=1724855648
date: Mon, 29 Jul 2024 14:34:08 GMT
server: Kestrel
content-length: 213

GET
H3

200

cks Show response
cks.connatix.com/
Redirect Chain

https://ad.turn.com/r/cs?pid=67&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D21%26ev%3D78df222c951d49d285835a54b03a47fb%26pname%3DAmobee%26api-tier%3D1%26uid%3D%23USER_ID%23&gdpr=0
https://cks.connatix.com/cks?pid=21&ev=78df222c951d49d285835a54b03a47fb&pname=Amobee&api-tier=1&uid=2605327058621891724

129 B
241 B

33ms
30ms

Script
application/javascript

172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=21&ev=78df222c951d49d285835a54b03a47fb&pname=Amobee&api-tier=1&uid=2605327058621891724
Requested by: Host: blank
URL: about:blank
Protocol: H3
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5e1a4a8a66b0fbbc745fac7a15b4e7e51c8177fa87603794d0c090ea611c9f4

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:08 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 8aadd3f9cce4ac3f-YYZ
alt-svc: h3=":443"; ma=86400

Redirect headers

location: https://cks.connatix.com/cks?pid=21&ev=78df222c951d49d285835a54b03a47fb&pname=Amobee&api-tier=1&uid=2605327058621891724
pragma: no-cache
date: Mon, 29 Jul 2024 14:34:13 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H3

200

cks Show response
cks.connatix.com/
Redirect Chain

https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D25%26ev%3D78df222c951d49d285835a54b03a47fb%26pname%3DTripleLift%26api-tier%3D1%26uid%3D%24UID&gdpr=0
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D25%26ev%3D78df222c951d49d285835a54b03a47fb%26pname%3DTripleLift%26api-tier%3D1%26uid%...
https://cks.connatix.com/cks?pid=25&ev=78df222c951d49d285835a54b03a47fb&pname=TripleLift&api-tier=1&uid=2802629442880840033773

132 B
243 B

41ms
40ms

Script
application/javascript

172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=25&ev=78df222c951d49d285835a54b03a47fb&pname=TripleLift&api-tier=1&uid=2802629442880840033773
Requested by: Host: blank
URL: about:blank
Protocol: H3
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ceb4783e9abe62ca97af8213a8119e6ebeac1c09aad92da6c8a4b76b6154dc8

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:08 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 8aadd3fa6da2ac3f-YYZ
alt-svc: h3=":443"; ma=86400

Redirect headers

location: https://cks.connatix.com/cks?pid=25&ev=78df222c951d49d285835a54b03a47fb&pname=TripleLift&api-tier=1&uid=2802629442880840033773
date: Mon, 29 Jul 2024 14:34:08 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

cks Show response
cks.connatix.com/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D6%26ev%3D78df222c951d49d285835a54b03a47fb%26pname%3DAppNexus%26api-tier%3D1%26uid%3D%24UID=&gdpr=0
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fcks.connatix.com%252Fcks%253Fpid%253D6%2526ev%253D78df222c951d49d285835a54b03a47fb%2526pname%253DAppNexus%2526api-tier%253D1%2526uid%...
https://cks.connatix.com/cks?pid=6&ev=78df222c951d49d285835a54b03a47fb&pname=AppNexus&api-tier=1&uid=3654099958127343586=&gdpr=0

129 B
242 B

41ms
40ms

Script
application/javascript

172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=6&ev=78df222c951d49d285835a54b03a47fb&pname=AppNexus&api-tier=1&uid=3654099958127343586=&gdpr=0
Requested by: Host: blank
URL: about:blank
Protocol: H3
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36c8add5d870467f2421c76df7c1741726570022f324d202d2ee83ed06743382

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:08 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 8aadd3fa6da0ac3f-YYZ
alt-svc: h3=":443"; ma=86400

Redirect headers

pragma: no-cache
date: Mon, 29 Jul 2024 14:34:08 GMT
an-x-request-uuid: c429e4a7-c207-4f27-bbdf-43d84cd7513d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cks.connatix.com/cks?pid=6&ev=78df222c951d49d285835a54b03a47fb&pname=AppNexus&api-tier=1&uid=3654099958127343586=&gdpr=0
x-proxy-origin: 167.114.209.103; 167.114.209.103; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

cks Show response
cks.connatix.com/
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=connatix&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D44%26ev%3D78df222c951d49d285835a54b03a47fb%26pname%3DNexxen%26api-tier%3D1%26uid%3D%5BRX_UUID%5D...
https://cks.connatix.com/cks?pid=44&ev=78df222c951d49d285835a54b03a47fb&pname=Nexxen&api-tier=1&uid=OPTOUT

116 B
232 B

46ms
42ms

Script
application/javascript

172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=44&ev=78df222c951d49d285835a54b03a47fb&pname=Nexxen&api-tier=1&uid=OPTOUT
Requested by: Host: blank
URL: about:blank
Protocol: H3
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e87520999fa41b89eb9ee1be2d61297d4ae85402366ee6313032d3bbc473ab9c

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:08 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 8aadd3f9cce6ac3f-YYZ
alt-svc: h3=":443"; ma=86400

Redirect headers

location: https://cks.connatix.com/cks?pid=44&ev=78df222c951d49d285835a54b03a47fb&pname=Nexxen&api-tier=1&uid=OPTOUT
pragma: no-cache
date: Mon, 29 Jul 2024 14:34:01 GMT
cache-control: no-store, no-cache, must-revalidate
expires: 0
etag: OPTOUT
content-type: text/html

GET
H3

200

pixel Show response
capi.connatix.com/us/
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=6&nwid=3630&gdpr=0&gdpr_consent=null&url=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d40%26ev%3d78df222c951d49d285835a54b03a47fb%26pname%3dSmartA...
https://capi.connatix.com/us/pixel?puid=2794061429948992203&pId=40&gdpr=0&gdpr_consent=

82 B
413 B

64ms
60ms

Script
image/gif

172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/us/pixel?puid=2794061429948992203&pId=40&gdpr=0&gdpr_consent=
Requested by: Host: blank
URL: about:blank
Protocol: H3
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7f28e33d6a65a4269a7f4e327a177ead60fea39cb13129a35c4b24fef84f5af

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:08 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
surrogate-control: no-cache, no-store, must-revalidate, max-age=0
vary: Accept-Encoding
access-control-max-age: 86400
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 8aadd3fa5d8fac3f-YYZ
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 95
alt-svc: h3=":443"; ma=86400

Redirect headers

location: https://capi.connatix.com/us/pixel?puid=2794061429948992203&pId=40&gdpr=0&gdpr_consent=
pragma: no-cache
date: Mon, 29 Jul 2024 14:34:08 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 200 cookie Show response
c1.adform.net/ 35 B
521 B 94ms
27ms Script
image/gif 185.167.164.52
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/cookie?redirect_url=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D46%26ev%3D78df222c951d49d285835a54b03a47fb%26pname%3DAdForm%26api-tier%3D1%26uid%3D%24UID&gdpr=0

Requested by

Host: cds.connatix.com
URL: https://cds.connatix.com/p/514916/229.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.52 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

7fff1569ea68ef52782ba25b0cf3934627f7a4fc1e8e22f4652de959c5f97978

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET

usync.html
eus.rubiconproject.com/ Frame C483
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=19564_2&endpoint=us-east&gdpr=0
https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east&gdpr=0

0
0

GET

/
de.tynt.com/deb/ Frame 5261
Redirect Chain

https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3D78df222c951d49d285835a54b03a47fb%26DemandPartnerN...
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3D78df222c951d49d285835a54b03a47fb%26DemandPartnerName%3D_3...

0
0

GET
H2 200 user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 26CD 0
0 152ms
55ms Document
text/html 23.221.241.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156592&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D78df222c951d49d285835a54b03a47fb%26DemandPartnerName%3DPubmatic%26tier%3D1%26DemandPartnerUserId%3D&gdpr=0
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/514916/229.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.221.241.11 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-221-241-11.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=39300
content-encoding: gzip
content-length: 5492
content-type: text/html
date: Mon, 29 Jul 2024 14:34:08 GMT
expires: Tue, 30 Jul 2024 01:29:08 GMT
last-modified: Wed, 05 Jun 2024 06:37:38 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H3

200

cks Show response
cks.connatix.com/
Redirect Chain

https://match.sharethrough.com/universal/v1?supply_id=WIMKYDH0&gdpr=0&gdpr_consent=null&redirectUri=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d45%26ev%3d78df222c951d49d285835a54b03a47fb%26pname%3...
https://cks.connatix.com/cks?pid=45&pname=Sharethrough&api-tier=1&uid=1b5bbfa8-725d-40af-b1cc-aabafab5c88e&gdpr=0&gdpr_consent=null

146 B
253 B

34ms
33ms

Script
application/javascript

172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=45&pname=Sharethrough&api-tier=1&uid=1b5bbfa8-725d-40af-b1cc-aabafab5c88e&gdpr=0&gdpr_consent=null
Requested by: Host: blank
URL: about:blank
Protocol: H3
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 502de31f3cf8adec5f3e36b011e52ad0fca664d602e3c77a782ff94c5fc700b2

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:08 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 8aadd3fa8dbfac3f-YYZ
alt-svc: h3=":443"; ma=86400

Redirect headers

location: https://cks.connatix.com/cks?pid=45&pname=Sharethrough&api-tier=1&uid=1b5bbfa8-725d-40af-b1cc-aabafab5c88e&gdpr=0&gdpr_consent=null
strict-transport-security: max-age=16000000; includeSubDomains; preload;
content-length: 0

GET
H3

200

cks Show response
cks.connatix.com/
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=561340&daaqp=1&ev=1&rurl=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D13%26ev%3D78df222c951d49d285835a54b03a47fb%26pname%3DPulsePoint%26api-tier%3D1%26uid%3D%...
https://cks.connatix.com/cks?pid=13&ev=78df222c951d49d285835a54b03a47fb&pname=PulsePoint&api-tier=1&uid=0hqA0UpteBBf

122 B
237 B

35ms
35ms

Script
application/javascript

172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=13&ev=78df222c951d49d285835a54b03a47fb&pname=PulsePoint&api-tier=1&uid=0hqA0UpteBBf
Requested by: Host: blank
URL: about:blank
Protocol: H3
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f4c855a2fd98810ca80d9af5c04e9405350ef3f5ccc42c5d41fa7b8a71865d8

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:08 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 8aadd3fa7da6ac3f-YYZ
alt-svc: h3=":443"; ma=86400

Redirect headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: en-CA
location: https://cks.connatix.com/cks?pid=13&ev=78df222c951d49d285835a54b03a47fb&pname=PulsePoint&api-tier=1&uid=0hqA0UpteBBf
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-stage-0
expires: -1

GET
H3

200

cks Show response
cks.connatix.com/
Redirect Chain

https://s.ad.smaato.net/c/?adExInit=g&gdpr={gdpr}&gdpr_consent={gdpr_consent}&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d48%26ev%3d78df222c951d49d285835a54b03a47fb%26pname%3dSmaato%26api-ti...
https://cks.connatix.com/cks?pid=48&ev=78df222c951d49d285835a54b03a47fb&pname=Smaato&api-tier=1&uid=f7e96e2273

120 B
235 B

36ms
35ms

Script
application/javascript

172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=48&ev=78df222c951d49d285835a54b03a47fb&pname=Smaato&api-tier=1&uid=f7e96e2273
Requested by: Host: blank
URL: about:blank
Protocol: H3
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db3d407bd1c2d98557e229cfe57640cc69aacd5b3e7991b3138585ad3462fc5f

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:08 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 8aadd3facdf8ac3f-YYZ
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Mon, 29 Jul 2024 14:34:08 GMT
via: 1.1 6e01480ef7aa01c23bf600698a613304.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
location: https://cks.connatix.com/cks?pid=48&ev=78df222c951d49d285835a54b03a47fb&pname=Smaato&api-tier=1&uid=f7e96e2273
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: VRmHnLyhQb5eHqpwDYnhCJ64oAZ8kgchgQOUtCqiBRB6SZnsoT70Rw==

GET
H3

200

cks Show response
cks.connatix.com/
Redirect Chain

https://i.ctnsnet.com/int/cm?exc=24&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D28%26ev%3D78df222c951d49d285835a54b03a47fb%26pname%3DCrimtan%26api-tier%3D1%26uid%3D%5Buser_id%5D&gdpr=0
https://cks.connatix.com/cks?pid=28&ev=78df222c951d49d285835a54b03a47fb&pname=Crimtan&api-tier=1&uid=8d3d07b27edf4ebbb9415e7f4e5ad4c9

142 B
250 B

36ms
34ms

Script
application/javascript

172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=28&ev=78df222c951d49d285835a54b03a47fb&pname=Crimtan&api-tier=1&uid=8d3d07b27edf4ebbb9415e7f4e5ad4c9
Requested by: Host: blank
URL: about:blank
Protocol: H3
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 390ec1647d5f5ac8da5ed080fe16c9f982b71edd9683af23e6950bbea4fb6a82

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:08 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 8aadd3fabdeeac3f-YYZ
alt-svc: h3=":443"; ma=86400

Redirect headers

pragma: no-cache
date: Mon, 29 Jul 2024 14:34:07 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CUR OUR NOR"
content-type: text/html;charset=UTF-8
status: 302
cache-control: no-cache, must-revalidate
location: https://cks.connatix.com/cks?pid=28&ev=78df222c951d49d285835a54b03a47fb&pname=Crimtan&api-tier=1&uid=8d3d07b27edf4ebbb9415e7f4e5ad4c9
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

cks Show response
cks.connatix.com/
Redirect Chain

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D43%26ev%3D78df222c951d49d285835a54b03a47fb%26pname%3DSonobi%26api-tier%3D1%26uid%3D%5BUID%5D&gdpr=0
https://cks.connatix.com/cks?pid=43&ev=78df222c951d49d285835a54b03a47fb&pname=Sonobi&api-tier=1&uid=e2f7352b-0e20-41ab-b6e9-c845e0037d39

146 B
255 B

35ms
35ms

Script
application/javascript

172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=43&ev=78df222c951d49d285835a54b03a47fb&pname=Sonobi&api-tier=1&uid=e2f7352b-0e20-41ab-b6e9-c845e0037d39
Requested by: Host: blank
URL: about:blank
Protocol: H3
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf658a8f59df5ad4b46ad10790acae47ca9438bc6722eae860d566b548412372

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:08 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 8aadd3fb6e8fac3f-YYZ
alt-svc: h3=":443"; ma=86400

Redirect headers

pragma: no-cache
date: Mon, 29 Jul 2024 14:34:08 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-143
content-type: text/plain; charset=utf8
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cks.connatix.com/cks?pid=43&ev=78df222c951d49d285835a54b03a47fb&pname=Sonobi&api-tier=1&uid=e2f7352b-0e20-41ab-b6e9-c845e0037d39
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3

200

cks Show response
cks.connatix.com/
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D18%26ev%3D78df222c951d49d285835a54b03a47fb%26pname%3DLoopMe%26api-tier%3D1%26uid%3D%7Bdevice_id%7D%26pubid%3D11186&gdpr=0
https://cks.connatix.com/cks?pid=18&ev=78df222c951d49d285835a54b03a47fb&pname=LoopMe&api-tier=1&uid=01daf87c-d796-4535-b93f-a1c6d4eaac7a&pubid=11186&gdpr=0

146 B
254 B

31ms
31ms

Script
application/javascript

172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=18&ev=78df222c951d49d285835a54b03a47fb&pname=LoopMe&api-tier=1&uid=01daf87c-d796-4535-b93f-a1c6d4eaac7a&pubid=11186&gdpr=0
Requested by: Host: blank
URL: about:blank
Protocol: H3
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c89dec33a165005cbe1dd84e35364b1885d6a21d272fb3b085cafc38838c73f

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:08 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 8aadd3fd9945ac3f-YYZ
alt-svc: h3=":443"; ma=86400

Redirect headers

location: https://cks.connatix.com/cks?pid=18&ev=78df222c951d49d285835a54b03a47fb&pname=LoopMe&api-tier=1&uid=01daf87c-d796-4535-b93f-a1c6d4eaac7a&pubid=11186&gdpr=0
date: Mon, 29 Jul 2024 14:34:08 GMT
server: _
content-length: 0

GET
H3

200

cks Show response
cks.connatix.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=connatix&user_id=78df222c951d49d285835a54b03a47fb&gdpr=0
https://x.bidswitch.net/ul_cb/sync?ssp=connatix&user_id=78df222c951d49d285835a54b03a47fb&gdpr=0
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=connatix&bsw_user_id=06cb2157-fc03-459a-9f43-9fcde90cb5b7&gdpr=0&gdpr_consent=&us_privacy=
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=connatix&bsw_user_id=06cb2157-fc03-459a-9f43-9fcde90cb5b7&gdpr=0&gdpr_consent=&us_privacy=
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=8934d10c-0c84-4b9d-950c-692d00354be8&ssp=connatix&gdpr=0
https://cks.connatix.com/cks?pid=47&ev={cnxId}&pname=BidSwitch&api-tier=1&uid=06cb2157-fc03-459a-9f43-9fcde90cb5b7&gdpr=0&gdpr_consent=&us_privacy=

146 B
253 B

33ms
32ms

Script
application/javascript

172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=47&ev={cnxId}&pname=BidSwitch&api-tier=1&uid=06cb2157-fc03-459a-9f43-9fcde90cb5b7&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: blank
URL: about:blank
Protocol: H3
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2f6e07a61f1a85350420f1389fe71b6ee610ac093ec673e6f47a896fe619027

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:08 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 8aadd3fdb966ac3f-YYZ
alt-svc: h3=":443"; ma=86400

Redirect headers

Location: //cks.connatix.com/cks?pid=47&ev={cnxId}&pname=BidSwitch&api-tier=1&uid=06cb2157-fc03-459a-9f43-9fcde90cb5b7&gdpr=0&gdpr_consent=&us_privacy=
Date: Mon, 29 Jul 2024 14:34:08 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

cks Show response
cks.connatix.com/
Redirect Chain

https://openrtb-us-east-1.axonix.com/syn?supply=5ce328d9-782d-464e-932e-67fa3dc4456b&uid=78df222c951d49d285835a54b03a47fb&redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D49%26ev%3D78df222c951...
https://cks.connatix.com/cks?pid=49&ev=78df222c951d49d285835a54b03a47fb&pname=Emodo&api-tier=1&uid=f4a6392c-21dc-4a29-a3a6-a2a72937571d

146 B
255 B

38ms
37ms

Script
application/javascript

172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=49&ev=78df222c951d49d285835a54b03a47fb&pname=Emodo&api-tier=1&uid=f4a6392c-21dc-4a29-a3a6-a2a72937571d
Requested by: Host: blank
URL: about:blank
Protocol: H3
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe30a5970c67c08eb0f3571fc4d3a680cec39aa40cbeed430aeb8dd9491e5571

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:08 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 8aadd3fd08acac3f-YYZ
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Mon, 29 Jul 2024 14:34:08 GMT
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin: *
location: https://cks.connatix.com/cks?pid=49&ev=78df222c951d49d285835a54b03a47fb&pname=Emodo&api-tier=1&uid=f4a6392c-21dc-4a29-a3a6-a2a72937571d
x-emodo-server: vektor-server-production-no-zone-6468fcd59b-7ntbn
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
content-length: 0

GET
H3

200

cks Show response
cks.connatix.com/
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=105&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3D78df222c951d49d285835a54b03a47fb%26pname%3DCentro%26api-tier%3D1%26uid%3D%7BuserId...
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=105&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3D78df222c951d49d285835a54b03a47fb%26pname%3DCentro%26api-tier%3D1%26uid%3...
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=f7ded83c-25bc-4228-ad08-0b74933f3176-66a7a860-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=f7ded83c-25bc-4228-ad08-0b74933f3176-66a7a860-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=f7ded83c-25bc-4228-ad08-0b74933f3176-66a7a860-5553&partner_url=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3D78df222...
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=f7ded83c-25bc-4228-ad08-0b74933f3176-66a7a860-5553&partner_url=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3D7...
https://cks.connatix.com/cks?pid=9&ev=78df222c951d49d285835a54b03a47fb&pname=Centro&api-tier=1&uid=f7ded83c-25bc-4228-ad08-0b74933f3176-66a7a860-5553&gdpr=0

159 B
263 B

38ms
36ms

Script
application/javascript

172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=9&ev=78df222c951d49d285835a54b03a47fb&pname=Centro&api-tier=1&uid=f7ded83c-25bc-4228-ad08-0b74933f3176-66a7a860-5553&gdpr=0
Requested by: Host: blank
URL: about:blank
Protocol: H3
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8cada3a1c03b0ae224ef42af52d335282ee4fb54e803ed883326918c40734a3a

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:09 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 8aadd3fe5a05ac3f-YYZ
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Mon, 29 Jul 2024 14:34:08 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://cks.connatix.com/cks?pid=9&ev=78df222c951d49d285835a54b03a47fb&pname=Centro&api-tier=1&uid=f7ded83c-25bc-4228-ad08-0b74933f3176-66a7a860-5553&gdpr=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

cks Show response
cks.connatix.com/
Redirect Chain

https://ads.yieldmo.com/pbsync?is=smartnews&redirectUri=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D39%26ev%3D78df222c951d49d285835a54b03a47fb%26pname%3DYieldMo%26api-tier%3D1%26uid%3D%24UID&gdpr=0
https://cks.connatix.com/cks?pid=39&ev=78df222c951d49d285835a54b03a47fb&pname=YieldMo&api-tier=1&uid=VaU2IJJBD2JQi4whA7n7&gdpr=0

130 B
245 B

38ms
37ms

Script
application/javascript

172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=39&ev=78df222c951d49d285835a54b03a47fb&pname=YieldMo&api-tier=1&uid=VaU2IJJBD2JQi4whA7n7&gdpr=0
Requested by: Host: blank
URL: about:blank
Protocol: H3
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b15041c8d84285fcd7d53653d341eba353e05f162d57f39e678237a0e7b996d

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:08 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 8aadd3fbaed3ac3f-YYZ
alt-svc: h3=":443"; ma=86400

Redirect headers

pragma: no-cache
date: Mon, 29 Jul 2024 14:34:08 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
location: https://cks.connatix.com/cks?pid=39&ev=78df222c951d49d285835a54b03a47fb&pname=YieldMo&api-tier=1&uid=VaU2IJJBD2JQi4whA7n7&gdpr=0
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 0

GET
H3

200

cks Show response
cks.connatix.com/
Redirect Chain

https://connatix-supply-partners.tremorhub.com/sync?UISCX=78df222c951d49d285835a54b03a47fb&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D5%26ev%3D78df222c951d49d285835a54b03a47fb%26pname%3DTel...
https://cks.connatix.com/cks?pid=5&ev=78df222c951d49d285835a54b03a47fb&pname=Telaria&api-tier=1&uid=db6bba8788a249b1ab39d89ed412387f

141 B
249 B

32ms
32ms

Script
application/javascript

172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=5&ev=78df222c951d49d285835a54b03a47fb&pname=Telaria&api-tier=1&uid=db6bba8788a249b1ab39d89ed412387f
Requested by: Host: blank
URL: about:blank
Protocol: H3
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0287a934123ae3f8e5ccc9ebe859542266b2d8b8af9b09e49dc7cd1896a70a9e

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:08 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 8aadd3fb8eb8ac3f-YYZ
alt-svc: h3=":443"; ma=86400

Redirect headers

location: https://cks.connatix.com/cks?pid=5&ev=78df222c951d49d285835a54b03a47fb&pname=Telaria&api-tier=1&uid=db6bba8788a249b1ab39d89ed412387f
date: Mon, 29 Jul 2024 14:34:08 GMT
server: nginx
content-length: 0
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'

GET
H3

200

us Show response
capi.connatix.com/core/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3672&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0
https://capi.connatix.com/core/us?DemandPartner=33&DemandPartnerName=FreeWheel&DemandPartnerUserId=cefb0745377a7e6a4fad31217dfdabd&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0

0
253 B

54ms
54ms

Script
application/json

172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/us?DemandPartner=33&DemandPartnerName=FreeWheel&DemandPartnerUserId=cefb0745377a7e6a4fad31217dfdabd&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0
Requested by: Host: blank
URL: about:blank
Protocol: H3
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:08 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-max-age: 86400
content-type: application/json
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 8aadd3fbaedbac3f-YYZ
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 0
alt-svc: h3=":443"; ma=86400

Redirect headers

Pragma: no-cache
Date: Mon, 29 Jul 2024 14:34:08 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://capi.connatix.com/core/us?DemandPartner=33&DemandPartnerName=FreeWheel&DemandPartnerUserId=cefb0745377a7e6a4fad31217dfdabd&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1722263648547057-1181

GET
H2 200 sync-iframe
cs-server-s2s.yellowblue.io/ Frame 9A7E 0
0 117ms
32ms Document
text/html 54.243.167.211
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr={gdpr}&gdpr_consent={gdpr_consent}&redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d24%26ev%3d78df222c951d49d285835a54b03a47fb%26pname%3dIronSource%26api-tier%3d1%26uid%3d{partnerId}%26direct%3D1
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/514916/229.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.243.167.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-243-167-211.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: cs-server-s2s.yellowblue.io
content-type: text/html
date: Mon, 29 Jul 2024 14:34:08 GMT
server: istio-envoy
x-envoy-upstream-service-time: 2

GET
H3

200

cks Show response
cks.connatix.com/
Redirect Chain

https://sync.resetdigital.co/csync?pid=connatix&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D35%26ev%3D78df222c951d49d285835a54b03a47fb%26pname%3DResetDigital%26api-tier%3D1%26uid%3D%24USER_I...
https://cks.connatix.com/cks?pid=35&ev=78df222c951d49d285835a54b03a47fb&pname=ResetDigital&api-tier=1&uid=0000015046F71F27

126 B
240 B

94ms
93ms

Script
application/javascript

172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=35&ev=78df222c951d49d285835a54b03a47fb&pname=ResetDigital&api-tier=1&uid=0000015046F71F27
Requested by: Host: blank
URL: about:blank
Protocol: H3
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 912aadfd287404bc341209de30191fef2189b078ad9bc6feec75a0806ad0aae7

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:08 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 8aadd3fbef18ac3f-YYZ
alt-svc: h3=":443"; ma=86400

Redirect headers

location: https://cks.connatix.com/cks?pid=35&ev=78df222c951d49d285835a54b03a47fb&pname=ResetDigital&api-tier=1&uid=0000015046F71F27
date: Mon, 29 Jul 2024 14:34:08 GMT
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 0
content-type: text/html

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/17331/ 41 KB
12 KB 103ms
34ms Script
text/javascript 18.160.46.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/17331/sync.min.js?gdpr=0
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/514916/229.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.46.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-46-59.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d5f6691a368a11aa84117b66499d81c59f9e6a3a9421ca231e69bc105247eb0d

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 09:21:04 GMT
content-encoding: gzip
via: 1.1 9c13d38452f2017c92d65c8904408686.cloudfront.net (CloudFront)
last-modified: Thu, 25 Jul 2024 19:15:26 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P2
age: 25772
x-amz-server-side-encryption: AES256
etag: W/"049ca590c916e48bbdb011726958c982"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: BCmoy8eovwSinNewp3aN7LTjDbrAkKd-Y9JImDXcGlmRezft5bLK6g==

GET
H3

200

cks Show response
cks.connatix.com/
Redirect Chain

https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D1%26ev%3D78df222c951d49d285835a54b03a47fb%26pname%3DSundaySky%26api-tier%3D1%26uid%3D%24%7Bssky_uuid%7D&gdpr=0
https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D1%26ev%3D78df222c951d49d285835a54b03a47fb%26pname%3DSundaySky%26api-tier%3D1%26uid%3D%24%7Bssky_uuid%7D&gdpr...
https://cks.connatix.com/cks?pid=1&ev=78df222c951d49d285835a54b03a47fb&pname=SundaySky&api-tier=1&uid=d6.bccc29539bd645b99006ef1ac8558cd5

144 B
251 B

34ms
33ms

Script
application/javascript

172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=1&ev=78df222c951d49d285835a54b03a47fb&pname=SundaySky&api-tier=1&uid=d6.bccc29539bd645b99006ef1ac8558cd5
Requested by: Host: blank
URL: about:blank
Protocol: H3
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a448a9606187a72fbe01910f81e7fde5b9fd661f1111ace6fcf03912142c6b06

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:08 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 8aadd3fd38edac3f-YYZ
alt-svc: h3=":443"; ma=86400

Redirect headers

location: https://cks.connatix.com/cks?pid=1&ev=78df222c951d49d285835a54b03a47fb&pname=SundaySky&api-tier=1&uid=d6.bccc29539bd645b99006ef1ac8558cd5
date: Mon, 29 Jul 2024 14:34:08 GMT
x-content-type-options: nosniff
content-length: 0
x-frame-options: DENY

GET
H3

200

cks Show response
cks.connatix.com/
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=connatix&cspid=25&append=0&cb=%24%7BADELPHIC_CACHE_BUSTER%7D&redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D29%26ev%3D78df222c951d4...
https://cks.connatix.com/cks?pid=29&ev=78df222c951d49d285835a54b03a47fb&pname=Adelphic&api-tier=1&uid=c5e4e507-08f1-4332-9ff3-08b53f3cdbf6

146 B
254 B

31ms
30ms

Script
application/javascript

172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=29&ev=78df222c951d49d285835a54b03a47fb&pname=Adelphic&api-tier=1&uid=c5e4e507-08f1-4332-9ff3-08b53f3cdbf6
Requested by: Host: blank
URL: about:blank
Protocol: H3
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d0810496620c81f6ba2b75d205e13dc16a36d9f6897200e9e5b7f85cae68c8d

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:08 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 8aadd3fd38e5ac3f-YYZ
alt-svc: h3=":443"; ma=86400

Redirect headers

Location: https://cks.connatix.com/cks?pid=29&ev=78df222c951d49d285835a54b03a47fb&pname=Adelphic&api-tier=1&uid=c5e4e507-08f1-4332-9ff3-08b53f3cdbf6
Date: Mon, 29 Jul 2024 14:34:08 GMT
Connection: keep-alive
X-CI-RTID: a3a1bb52-3949-4cf6-8d7d-8222d36ca850
Content-Length: 177
Content-Type: text/html; charset=utf-8

GET cm
us-u.openx.net/w/1.0/ Frame B8BF 0
0

GET cksync
cs.media.net/ Frame B8BF 0
0

GET 712202.gif
id.rlcdn.com/ Frame B8BF 0
0

GET

pixel
cm.g.doubleclick.net/ Frame B8BF
Redirect Chain

https://capi.connatix.com/us/google/pixel?tier=1&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=connatix&google_hm=NzhkZjIyMmM5NTFkNDlkMjg1ODM1YTU0YjAzYTQ3ZmI&extra1=78df222c951d49d285835a54b03a47fb&gdpr=0&google_redir=https%3a%2f%2fcapi.connatix....

0
0

GET 1a1c07e870d45c05896c3f9e9973d4b4.gif
sync.colossusssp.com/ Frame B8BF 0
0

GET d79a5a67-7a4f-4ab3-9248-45e8e8865c9d.bin
vid.connatix.com/pid-067e5169-ece3-4ce8-87ad-c7961b8bb396/d59f5d0c-2087-416a-821c-141798bc501e/ Frame B8BF 0
0

GET ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame B8BF 0
0

GET 81549
i.liadm.com/s/ Frame B8BF 0
0

GET ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame B8BF 0
0

POST
H/1.1 200
OK post Show response
tag.escalated.io/ 31 B
445 B 143ms
55ms Fetch
application/json 18.189.4.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.escalated.io/post

Requested by

Host: tag.escalated.io
URL: https://tag.escalated.io/?i=KxxajmhPPCsT&d=www.bleepingcomputer.com&type=display&cust=5971&sid=direct&c=&cust2=direct

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.189.4.224 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-189-4-224.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

78d83707624aabbd3ab8705929c46286395a3de20d53e81bc8b60814eaac7d2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 29 Jul 2024 14:34:08 GMT
X-Content-Type-Options: nosniff
Server: nginx
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store
Connection: keep-alive
Access-Control-Allow-Headers: X-Forwarded-For, X-Requested-With, Content-Type
Content-Length: 31
X-XSS-Protection: 1; mode=block

GET
H2

400

websiteconfig Show response
btloader.com/
Redirect Chain

https://btloader.com/websiteconfig?bt_env=prod&o=5714937848528896&w=
https://btloader.com/websiteconfig?bt_env=prod&o=5714937848528896

30 B
138 B

68ms
66ms

Fetch
text/plain

2606:4700:10::6816:4ad8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://btloader.com/websiteconfig?bt_env=prod&o=5714937848528896

Requested by

Host: blank
URL: about:blank

Protocol

Server

2606:4700:10::6816:4ad8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

651388948a3444f5e74d15fefeb121fa16fea72c1b4d9e60beb4bee393cf2e3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:08 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: BYPASS
server: cloudflare
vary: Origin, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cf-ray: 8aadd3fb092bac4e-YYZ
content-length: 30

Redirect headers

date: Mon, 29 Jul 2024 14:34:08 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 453
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: *
location: /websiteconfig?bt_env=prod&o=5714937848528896
cache-control: public, max-age=3600, must-revalidate
cf-ray: 8aadd3fac8d6ac4e-YYZ

GET
H2 204 state Show response
api.btloader.com/mw/ 0
101 B 120ms
64ms Fetch 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/mw/state?bt_env=prod
Requested by: Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 29 Jul 2024 14:34:08 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 px.gif
ad-delivery.net/ 43 B
338 B 191ms
34ms Image
image/gif 2606:4700:20::681a:346
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 98225
x-guploader-uploadid: ABPtcPoO8lHTf149iQY1YWi3D4zx22EAtSAz_AcGCaHZE_ooDIimXVBuIG_p1OOO9HKPZxksl_S475t5TA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bzh1gm6zPoTYN0aD%2BhmdivK5hZpi9VDyzs9wpOywWfU4Rr%2Frp6VEXp2zQoFf58zMOXuDziY7WZBCijM9TiTPzbDSrT%2Fvqu8AgVo7kairsZU6G5e1CSEnsr73disqKMI5sOcoRqZeQPjNpEzCYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 8aadd3fcbb28ab1e-YYZ
expires: Tue, 30 Jul 2024 14:34:08 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
915 B 166ms
34ms Image
image/gif 2606:4700:20::681a:346
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.7105856034629532
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:34:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 98225
x-guploader-uploadid: ABPtcPoO8lHTf149iQY1YWi3D4zx22EAtSAz_AcGCaHZE_ooDIimXVBuIG_p1OOO9HKPZxksl_S475t5TA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GHsdC6nq5LZIO4FvL0SjLsGPToJ3geQinZPDxZVRcIW5fcvnArf89ZKSkY3bDOuC0ju7HNP9qRDelg%2FjJAwkFr11epNlBv1ETQ2CCRJefbxkqt4YSD4pyMLHBQSY0ULfWC09ehWmSBHnZJ42Xw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 8aadd3fcbb2bab1e-YYZ
expires: Tue, 30 Jul 2024 14:34:08 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 156 B
619 B 220ms
54ms XHR
application/json 107.23.203.136
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/17331/sync.min.js?gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.203.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-203-136.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 7f3ddf8a611356585dbc947f8b5ea4a2cf0d8a30bda2c6c73651afab93e43868

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 29 Jul 2024 14:34:08 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
x-server: 10.40.6.6
access-control-allow-credentials: true
content-length: 156
expires: 0

POST
H3 200 c Show response
c.pub.network/v2/ 36 B
53 B 138ms
118ms Fetch
text/plain 34.160.152.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/v2/c
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.4.2/analytics.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 31.152.160.34.bc.googleusercontent.com
Software: /
Resource Hash: ada056fa1008c25a83c104dba7de7858478f6928c3ef301f73c23c5b0311f183

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 29 Jul 2024 14:34:08 GMT
via: 1.1 google
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36

OPTIONS
H2 200 c
c.pub.network/v2/ Frame 0
0 111ms
53ms Preflight 34.160.152.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/v2/c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 31.152.160.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 29 Jul 2024 14:34:08 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
via: 1.1 google

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east&gdpr=0

Domain: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3D78df222c951d49d285835a54b03a47fb%26DemandPartnerName%3D_33Across%26tier%3D1%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0

Domain: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=7cf4c6c4-b915-4cbd-83cc-28c0f662a829&ph=51e220cb-8c97-4a65-b047-91c933b79b78&gdpr=0&gdpr_consent=null&r=https%3a%2f%2fcapi.connatix.com%2fcore%2fus%3fDemandPartner%3d8%26UserId%3d78df222c951d49d285835a54b03a47fb%26DemandPartnerName%3dOpenX%26tier%3d1%26DemandPartnerUserId%3d

Domain: cs.media.net
URL: https://cs.media.net/cksync?cs=37&type=cn&redirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D31%26UserId%3D78df222c951d49d285835a54b03a47fb%26DemandPartnerName%3DMediaNet%26tier%3D1%26DemandPartnerUserId%3D%3Cvsid%3E&gdpr=0

Domain: id.rlcdn.com
URL: https://id.rlcdn.com/712202.gif?cparams=78df222c951d49d285835a54b03a47fb&gdpr=0

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=connatix&google_hm=NzhkZjIyMmM5NTFkNDlkMjg1ODM1YTU0YjAzYTQ3ZmI&extra1=78df222c951d49d285835a54b03a47fb&gdpr=0&google_redir=https%3a%2f%2fcapi.connatix.com%2fus%2fgoogle%2freport

Domain: sync.colossusssp.com
URL: https://sync.colossusssp.com/1a1c07e870d45c05896c3f9e9973d4b4.gif?puid=78df222c951d49d285835a54b03a47fb&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D34%26ev%3D78df222c951d49d285835a54b03a47fb%26pname%3DColossus%26api-tier%3D1%26uid%3D%5BUID%5D&gdpr=0

Domain: vid.connatix.com
URL: https://vid.connatix.com/pid-067e5169-ece3-4ce8-87ad-c7961b8bb396/d59f5d0c-2087-416a-821c-141798bc501e/d79a5a67-7a4f-4ab3-9248-45e8e8865c9d.bin

Domain: sync.intentiq.com
URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=&pcid=78df222c951d49d285835a54b03a47fb

Domain: i.liadm.com
URL: https://i.liadm.com/s/81549?bidder_id=246480&bidder_uuid=78df222c951d49d285835a54b03a47fb

Domain: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Verdicts & Comments Add Verdict or Comment

197 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

64 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.smartadserver.com/api	1970-01-21 07:54:37	Name: pid Value: 2794061429948992203
.bleepingcomputer.com/	1969-12-31 23:59:59	Name: session_id Value: 85813bf3ad533f2f5d9bb3ddb81c3ce8
www.bleepingcomputer.com/	1970-01-20 23:07:35	Name: lav Value: 20534
.pub.network/	1970-01-21 08:00:23	Name: _fsuid Value: e90d43b0-6041-480e-ab9e-befa2187c65f
.bleepingcomputer.com/	1970-01-21 08:00:23	Name: _ga_GD465VRQLD Value: GS1.1.1722263647.1.0.1722263647.0.0.0
.bleepingcomputer.com/	1970-01-21 08:00:23	Name: _ga Value: GA1.1.1696872600.1722263648
cdn.firstimpression.io/	1970-01-21 07:09:59	Name: OAID Value: a215b48b509ff80fefea068bc537a275
.doubleclick.net/	1970-01-20 22:24:24	Name: test_cookie Value: CheckForPermission
.connatix.com/	1970-01-20 22:44:33	Name: cnx_userId Value: 78df222c951d49d285835a54b03a47fb
www.bleepingcomputer.com/	1970-01-20 23:07:35	Name: cnx_userId Value: 78df222c951d49d285835a54b03a47fb
.casalemedia.com/	1970-01-21 07:09:59	Name: CMID Value: ZqeoYNHM6b0AAHK7AG2t4gAA
.casalemedia.com/	1970-01-21 00:33:59	Name: CMPS Value: 3617
.casalemedia.com/	1970-01-21 00:33:59	Name: CMPRO Value: 3617
.adnxs.com/	1970-01-21 00:33:59	Name: XANDR_PANID Value: 89qivzWl75lI2VLIjikemLPezMNpB-7LtpXdJ9dnO-1hSlo1g1o2kM5wmvn_n4_Y4uZufmKanA3l-EOn4YKu_yb8dzEWs3r9vILZKbevrMA.
.adnxs.com/	1970-01-21 08:00:23	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 00:33:59	Name: uuid2 Value: 3654099958127343586
.adsrvr.org/	1970-01-21 07:09:59	Name: TDID Value: 251a112c-bbcc-4012-b6a7-76f11841de2a
.3lift.com/	1970-01-21 00:33:59	Name: tluidp Value: 2802629442880840033773
.3lift.com/	1970-01-21 00:33:59	Name: tluid Value: 2802629442880840033773
.turn.com/	1970-01-21 02:43:35	Name: uid Value: 2605327058621891724
.33across.com/	1970-01-21 07:09:59	Name: 33x_ps Value: u%3D212511683240431%3As1%3D1722263648211%3Ats%3D1722263648211
.yellowblue.io/	1970-01-20 23:07:35	Name: wrvUserID Value: QmK6aHQzkp_s
.adform.net/	1970-01-20 23:50:47	Name: uid Value: 6007253940377456361
.adsrvr.org/	1970-01-21 07:09:59	Name: TDCPM Value: CAEYBSABKAIyCwj45t3Gx_mXPRAFOAE.
.contextweb.com/	1970-01-21 07:02:47	Name: V Value: 0hqA0UpteBBf
.contextweb.com/	1970-01-21 07:02:47	Name: VP Value: part_0hqA0UpteBBf
.contextweb.com/	1970-01-21 07:09:59	Name: pb_rtb_ev Value: 3-1srl\|7Xz.0.1
.contextweb.com/	1970-01-21 07:09:59	Name: pb_rtb_ev_part Value: 3-1srl\|7Xz.0.1
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 79db57f48677b885
.bidr.io/	1970-01-21 07:52:57	Name: bito Value: AAB8GE7NT1EAABTTJk3Eug
.bidr.io/	1970-01-21 07:52:57	Name: bitoIsSecure Value: ok
.ctnsnet.com/	1970-01-21 07:09:59	Name: cid_8d3d07b27edf4ebbb9415e7f4e5ad4c9 Value: 1
.smaato.net/	1970-01-20 22:54:38	Name: SCM Value: f7e96e2273
.smaato.net/	1970-01-20 22:54:38	Name: SCMg Value: f7e96e2273
.go.sonobi.com/	1970-01-21 07:09:59	Name: __uis Value: e2f7352b-0e20-41ab-b6e9-c845e0037d39
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s85143\|ZqeoY
.sitescout.com/	1970-01-21 07:09:59	Name: ssi Value: f7ded83c-25bc-4228-ad08-0b74933f3176#1722263648522
.tremorhub.com/	1970-01-21 07:10:20	Name: tvid Value: db6bba8788a249b1ab39d89ed412387f
.tremorhub.com/	1970-01-21 08:00:23	Name: tv_UISCX Value: 78df222c951d49d285835a54b03a47fb
.bidswitch.net/	1970-01-21 07:09:59	Name: tuuid Value: 06cb2157-fc03-459a-9f43-9fcde90cb5b7
.bidswitch.net/	1970-01-21 07:09:59	Name: c Value: 1722263648
.bidswitch.net/	1970-01-21 07:09:59	Name: tuuid_lu Value: 1722263648
.yieldmo.com/	1970-01-21 07:09:59	Name: yieldmo_id Value: VaU2IJJBD2JQi4whA7n7%7C1722211200000%7C0
.ads.stickyadstv.com/	1970-01-20 23:07:35	Name: UID Value: cefb0745377a7e6a4fad31217dfdabd
.sitescout.com/	1970-01-20 23:07:35	Name: _ssuma Value: eyIzOSI6MTcyMjI2MzY0ODU2MiwiNyI6MTcyMjI2MzY0ODU2MiwiNjEiOjE3MjIyNjM2NDg1NjJ9
.resetdigital.co/	1970-01-21 00:33:59	Name: ckbk Value: 0000015046F71F27
.crwdcntrl.net/	1969-12-31 23:59:59	Name: _cc_cc Value: ctst
openrtb-us-east-1.axonix.com/	1970-01-20 23:07:35	Name: ax_cx Value: f4a6392c-21dc-4a29-a3a6-a2a72937571d
.sundaysky.com/	1970-01-21 08:00:23	Name: sskyu Value: d6.bccc29539bd645b99006ef1ac8558cd5
.sundaysky.com/	1970-01-21 08:00:23	Name: sskyCreationTime Value: 1722263648765
.crwdcntrl.net/	1970-01-21 04:53:09	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-21 04:53:09	Name: _cc_id Value: 1d4c22f418ca14057d5f73904e7d0172
.mfadsrvr.com/	1970-01-21 07:09:59	Name: tuuid Value: 8934d10c-0c84-4b9d-950c-692d00354be8
.mfadsrvr.com/	1970-01-21 07:09:59	Name: c Value: 1722263648
.mfadsrvr.com/	1970-01-21 07:09:59	Name: tuuid_lu Value: 1722263648
.bleepingcomputer.com/	1970-01-21 04:53:11	Name: _cc_id Value: 1d4c22f418ca14057d5f73904e7d0172
.bleepingcomputer.com/	1970-01-20 22:25:50	Name: panoramaId_expiry Value: 1722350048767
.ipredictive.com/	1970-01-21 07:09:59	Name: cu Value: c5e4e507-08f1-4332-9ff3-08b53f3cdbf6\|1722263648800
.sundaysky.com/	1970-01-20 22:34:28	Name: sskya Value: "e2N4Ont0czoiNGg1NGd3Iix0OiJuaSJ9fQ=="
.mfadsrvr.com/	1970-01-21 07:09:59	Name: ssh Value: !bidswitch=1722263648
.csync.loopme.me/	1970-01-21 00:36:52	Name: viewer_token Value: 01daf87c-d796-4535-b93f-a1c6d4eaac7a
.tapad.com/	1970-01-20 23:50:47	Name: TapAd_TS Value: 1722263648929
.tapad.com/	1970-01-20 23:50:47	Name: TapAd_DID Value: f61aa470-e237-4ba8-ab3a-c0e031141794
.tapad.com/	1970-01-20 23:50:47	Name: TapAd_3WAY_SYNCS Value:

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://tag.escalated.io/?i=KxxajmhPPCsT&d=www.bleepingcomputer.com&type=display&cust=5971&sid=direct&c=&cust2=direct(Line 9) Message: WebSocket connection to 'wss://testerr.escalated.io/testerr185k' failed: Error in connection establishment: net::ERR_NAME_NOT_RESOLVED
security	error	URL: about:blank Message: Refused to execute script from 'https://c1.adform.net/cookie?redirect_url=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D46%26ev%3D78df222c951d49d285835a54b03a47fb%26pname%3DAdForm%26api-tier%3D1%26uid%3D%24UID&gdpr=0' because its MIME type ('image/gif') is not executable.
security	error	URL: about:blank Message: Refused to execute script from 'https://capi.connatix.com/us/pixel?puid=2794061429948992203&pId=40&gdpr=0&gdpr_consent=' because its MIME type ('image/gif') is not executable.
network	error	URL: https://btloader.com/websiteconfig?bt_env=prod&o=5714937848528896 Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.pub.network
ad-delivery.net
ad.doubleclick.net
ad.turn.com
ads.pubmatic.com
ads.stickyadstv.com
ads.yieldmo.com
api.btloader.com
bcp.crwdcntrl.net
bh.contextweb.com
btloader.com
c.pub.network
c1.adform.net
capi.connatix.com
cd.connatix.com
cdn.confiant-integrations.net
cdn.firstimpression.io
cds.connatix.com
cks.connatix.com
cm.g.doubleclick.net
connatix-supply-partners.tremorhub.com
cs-server-s2s.yellowblue.io
cs.media.net
csync.loopme.me
d.pub.network
de.tynt.com
eb2.3lift.com
ecdn.analysis.fi
ecdn.firstimpression.io
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
freestar-io.videoplayerhub.com
googleads.g.doubleclick.net
i.ctnsnet.com
i.liadm.com
id.rlcdn.com
imasdk.googleapis.com
ins.connatix.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
openrtb-us-east-1.axonix.com
optimise.net
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.tapad.com
rtb.mfadsrvr.com
s.ad.smaato.net
secure.adnxs.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssum.casalemedia.com
sync.1rx.io
sync.colossusssp.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.intentiq.com
sync.ipredictive.com
sync.resetdigital.co
tag.escalated.io
tags.crwdcntrl.net
us-u.openx.net
vid.connatix.com
vop.sundaysky.com
widgets.outbrain.com
www.bleepingcomputer.com
www.bleepstatic.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
x.bidswitch.net
cm.g.doubleclick.net
cs.media.net
de.tynt.com
eus.rubiconproject.com
i.liadm.com
id.rlcdn.com
imasdk.googleapis.com
sync.colossusssp.com
sync.intentiq.com
us-u.openx.net
vid.connatix.com
104.18.20.206
104.18.20.97
104.18.36.155
104.20.185.56
107.23.203.136
130.211.23.194
142.251.111.155
142.251.16.106
143.244.222.249
15.197.193.217
155.204.117.1
172.253.62.154
172.64.146.152
172.67.75.139
18.160.18.26
18.160.46.100
18.160.46.104
18.160.46.59
18.189.4.224
185.167.164.52
198.148.27.131
209.85.232.156
216.22.16.69
23.221.241.11
23.52.9.200
2600:1f18:612b:4280:8a90:fc1e:350:edd4
2600:9000:2209:a000:1b:5138:8a40:93a1
2606:4700:10::6816:4ad8
2606:4700:20::681a:346
2606:4700:20::ac43:4acf
2607:f350:3:2569:0:10:0:d
2607:f8b0:4004:c06::5e
2607:f8b0:4004:c06::5f
2607:f8b0:4004:c1d::5e
2607:f8b0:400d:c04::61
2607:f8b0:400d:c07::65
2620:112:f008:200::101
34.111.113.62
34.111.152.239
34.160.152.31
34.198.44.255
34.36.216.150
35.186.193.173
35.207.24.140
35.211.178.172
35.214.138.214
44.195.70.202
52.223.22.214
52.7.10.111
54.161.99.197
54.211.213.240
54.243.167.211
63.251.28.210
64.233.180.149
68.67.179.153
69.194.240.13
98.80.23.94
0287a934123ae3f8e5ccc9ebe859542266b2d8b8af9b09e49dc7cd1896a70a9e
04a91f06850a23f4fde6e9f51bf1b4465e71d988176d91233c4dbcc25f4ec9e2
04ceb0aa4be910d943f6e6405f3b4fcb31fb1844f48bbc8e8ebe761fd1773724
05cd2f321bc3371bc01d22c5e1884561a573430d861348a1a6609e26aea4fd9f
0883b2f2e61e422911c1de9f98fc5c2977821c06143d2d933756fe42859a84fb
0a8f2a92bc49919cc08b5c4b18810ee5b19131a306f1c2940229f311fdf5bf84
0f427d0f88a0698c955ff63bf13af4ca80c9b32f218b5e210847450da901a74f
10bfeb1a7b0a161f0714bb2e3b6fd453706891e1b169b7010b0c4707e5311386
19db4a2cde712e2ceaac317e732b4ec40b62818a938a8bf8391ad68470845019
1c1c5044a6b9dd3bcb9d424b559068a87c526a3fdf61511498c37284433272f1
1f26bb5cf209deae03231b846150e981c62ddcdf9e8520592eaaf5da8609e88a
209b9add66386ba6e93616e6b657362cc169bb4eaf141e8db924376f14c5d583
22e977346d45bab9f531ce1132d7ecfbe8e46868eaea790a0d4dcd1d0649d74b
2eabba658c5c7bd2f12938ba2a4a2e4fb9d52b6ba7e381a1062bc65ad115eebe
2f28548cfc898a4f145256357adefc072c39b2928ee3330ea4845dd34c185f94
2f4c855a2fd98810ca80d9af5c04e9405350ef3f5ccc42c5d41fa7b8a71865d8
31cd7d9398307ca2e6cfaa111bbe7b69d69cbaaed2ff74034412ebc5008671fd
32e73e8e0eec3e6c1345d84e7ef091b90e71fb0045814043b34c914156235eb9
33eb81af8a0101c1ad2a210f322fb362ce1598e6e37f0a7ecc62d6ff39add590
35ae53cd6f0cde71e622f6e54dc576bb82ffab56c9e41b1298f932eebf963eb9
36367e0c3f5a8b490bebc5bfc526b10c7d4e4c371eb2b73d438f80f167fb9ca4
36c8add5d870467f2421c76df7c1741726570022f324d202d2ee83ed06743382
390ec1647d5f5ac8da5ed080fe16c9f982b71edd9683af23e6950bbea4fb6a82
3b15041c8d84285fcd7d53653d341eba353e05f162d57f39e678237a0e7b996d
3c9f70c0ad7a85b11341995f3ad37b927a55855fcd2077e8e4266d80cb129a7c
3ceb4783e9abe62ca97af8213a8119e6ebeac1c09aad92da6c8a4b76b6154dc8
3f7b716c3dc8cf73f2ca3aef90cbe6d6ed3299e3b3191ff7782bde9da3df018d
3fe890d088ecf0cc9bc1b9069201e52972dbad6237865524090e15982d0de718
43eb3a3f16d58da388c7f624e6ed92eee2145f05ef38b4df8f129c27af164466
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4ed330707f931faa8dc2b80055652e933d053e7da098beb9d401b4ecc2e442c0
502de31f3cf8adec5f3e36b011e52ad0fca664d602e3c77a782ff94c5fc700b2
54c941d0d2e68fdacc5a1a2e4b31137726e2105f4d0f9d5a8fe4cec9674439bb
5920fd20b1b26b2b5593b080c342fa269808adba56b2f3941d3318cd5a8bbe32
59acb0309b7b2701242fe053444f081f0116aad38c203b0a66593b6c8112226b
5c89dec33a165005cbe1dd84e35364b1885d6a21d272fb3b085cafc38838c73f
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
5f8ac9a97ef9c0cbf4cb74d3c651b3bdd443fa86c146ed1ada3061390cc464a3
5fa9f2abb46b1a8feee43be9a545c6bbb4fc031347a4ddc0d5e483e651a99cfb
6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69
651388948a3444f5e74d15fefeb121fa16fea72c1b4d9e60beb4bee393cf2e3b
67d86a29de7993fbd23b7dde2c4f26bdc434055c35a4b08c830c0d02fcfa6dd2
6d2a3f4db9364ad6b2d1e2c6a70fb215fc2ecd16671788d08e1ce22cf5185761
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
6e86593083facba2710a2312f26bd7b436d7ef299f99cbc2ccc1b32693ec3144
6f256b59004beadefbac9168d0380485ac8ed71a2546f2bd3d55e8702eee4d9a
7480ccfb32e034f954e89594e862ed1c34bdd907146befcd3493339a4295e8a1
78d83707624aabbd3ab8705929c46286395a3de20d53e81bc8b60814eaac7d2c
7a5d218c8e40dc33b9a0c27b49c2a5d0c9696ea53ee6371882d348a31116ae9b
7d0810496620c81f6ba2b75d205e13dc16a36d9f6897200e9e5b7f85cae68c8d
7d6d26827b887aa09b2a5eb7c001e35b93773e53c36ddbfc127ad824e0a6ba39
7f3ddf8a611356585dbc947f8b5ea4a2cf0d8a30bda2c6c73651afab93e43868
7fff1569ea68ef52782ba25b0cf3934627f7a4fc1e8e22f4652de959c5f97978
827252be04765631f8ff21fee8ffe1028e27dfa52f62c08ef3182609a0a0e991
85ae9534729617e69eafa40195c7854697eb3d13b4205f3ee467e07c4af0a24b
863ab50a39fc203ca8f614cef14c6cc700ee64bfeacd41426dce9ef8cbd98509
87ed2d6930b5010994c63cd7908ab44a6cdded82008f41b82aa5f82278e8e89a
88d7805a74ac5f036bb47930e6555f1656da22187e5f5e1376bf6ac29a0f7bac
8cada3a1c03b0ae224ef42af52d335282ee4fb54e803ed883326918c40734a3a
912aadfd287404bc341209de30191fef2189b078ad9bc6feec75a0806ad0aae7
93d0008df2648e065daaabc9376b08be9ecb5bd136d7b0520cce4f5e69329c08
942935ead42820e6c9184f099c77dde34fa4be70d395a17c47b5d7ad07967339
942f1964307ee1d461203bbd688e4bba08186a3e4dde9900cf0565f7608cd192
9a8938a562110413935be499cee7be5c47a5406749d0cb2075e8a03b6c137579
9b11608553a55d1192f82a3277380b34391d3c16f5332f2a7e14e8ab2f010525
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
9cdb6bfef8d4212d9bf634ca6724a28e85dfa69cd404e6f9d3760d70a7873949
9dca59a7344d2ef98a0c5a2e54cd42f4fb3890d530853a2500f847d640278e5a
9e9fd3af94826cb54d36da11be4f5d4fb45e57f49876977c49fc7198b30e1c84
a448a9606187a72fbe01910f81e7fde5b9fd661f1111ace6fcf03912142c6b06
a7e925f6192a3f7907621f9dde8afc47752d671d4a796f2cd5a53cfbc07c214b
a7f0cef4d67e9d69ae3c3e075084e448b62963a8838c94b124782738863a3e59
a7f28e33d6a65a4269a7f4e327a177ead60fea39cb13129a35c4b24fef84f5af
ab52a578c101a14bbc790f87f9a7400dda65469f23c6ce85c461e07cdf776460
ada056fa1008c25a83c104dba7de7858478f6928c3ef301f73c23c5b0311f183
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b34676178982122b66b0a55d3ee411fa343b1d19a6c119c0c9b0ea2c892738a1
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc2e76e4fc48c118d1a66fc26d3d2b573b360a112045eb53cb230346c1f1688c
c13d034eaf2fa73680d0abdbe02ac23b73e3128b5c7f0ee7018eb7b3fbe84a72
ca22345f969dd8077c21281572a34d4a51bc6a5ad9d764bd1338b2c12a68c3e3
cb05db78d92f1541454725f7452868f9994d9443d360b706f8bea5d0e2bf0eb9
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf658a8f59df5ad4b46ad10790acae47ca9438bc6722eae860d566b548412372
cfac05f501d6d4d62e29fff1049569c3c2aa8732af8db3a36e8fa252f05f5861
d27bc752105c079f8a516e9142406a9fc12cbb409f9bf8681f2ddfe0360b52a6
d5f6691a368a11aa84117b66499d81c59f9e6a3a9421ca231e69bc105247eb0d
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6
d8fc7c2861131f1a9411019e8b2cf15d0941ba88e909fa9067967bafef923e1c
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
db3d407bd1c2d98557e229cfe57640cc69aacd5b3e7991b3138585ad3462fc5f
e2619de3d55eb455a257f316d4d4a81be5f48704225c47c7a59c97c9300d7e09
e2f6e07a61f1a85350420f1389fe71b6ee610ac093ec673e6f47a896fe619027
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b9969459516e82d0d53b277fc746f7212aa3748db9c4a1a7f88c2f7b064f18
e4aef8354ee5b81b1fab7d69f14bd265b2d8b62aa92b8b4807959835140acf1d
e7686d08289fc69c41960ad5cade1396148d0d2381fd6d7c6c2293ceb0834c8e
e87520999fa41b89eb9ee1be2d61297d4ae85402366ee6313032d3bbc473ab9c
ed62e48f5893bdd45db6aa24f7bf4424d5e82804c3b7d9d2ae54feb0e4b4decb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f16253045d722e1dc4ba2b6c101041428dbde1c8c5747c4d9b840bdd23052bad
f325ab78ef25034bd02bb7965c1612ebee48b2b97bc5f40172dee6873d44afac
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5cd0a3adfd18b00e894599898d59effccb158fc212c425913aba281f1244a83
f5e1a4a8a66b0fbbc745fac7a15b4e7e51c8177fa87603794d0c090ea611c9f4
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fe30a5970c67c08eb0f3571fc4d3a680cec39aa40cbeed430aeb8dd9491e5571
fecf8a3709ca731c038b7c2e0393b0395f0195a97576b1942812331b9883ed0d

www.bleepingcomputer.com Open in urlscan Pro 104.20.185.56 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

129 Requests

70 %HTTPS

21 %IPv6

57 Domains

73 Subdomains

30 IPs

4 Countries

2147 kBTransfer

5875 kBSize

64 Cookies

0 Outgoing links

Redirected requests

129 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

www.bleepingcomputer.com Open in urlscan Pro
104.20.185.56 Public Scan

Screenshot
Live screenshot

Full Image

129
Requests

70 %
HTTPS

21 %
IPv6

57
Domains

73
Subdomains

30
IPs

4
Countries

2147 kB
Transfer

5875 kB
Size

64
Cookies

129 HTTP transactions
3 data transactions