cybernews.com Open in urlscan Pro
2606:4700:3108::ac42:283b Public Scan

Go To Rescan
Add Verdict Report

URL:
https://cybernews.com/security/powder-room-data-leak/
Submission: On March 23 via api (March 23rd 2023, 10:46:26 pm UTC) from US — Scanned from DE

Summary HTTP 174 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 33 IPs in 9 countries across 36 domains to perform 174 HTTP transactions. The main IP is 2606:4700:3108::ac42:283b, located in United States and belongs to CLOUDFLARENET, US. The main domain is cybernews.com. The Cisco Umbrella rank of the primary domain is 287494.
TLS certificate: Issued by E1 on February 24th 2023. Valid for: 3 months.

This is the only time cybernews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	2606:4700:310... 2606:4700:3108::ac42:283b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6812:d73b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
6	2606:4700:310... 2606:4700:3108::ac42:2bc5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1 9	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
28	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2 2	185.29.134.248 185.29.134.248	30419 (MEDIAMATH...) (MEDIAMATH-INC)
5 31	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 2	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5 5	3.122.24.207 3.122.24.207	16509 (AMAZON-02) (AMAZON-02)
2 2	54.220.9.90 54.220.9.90	16509 (AMAZON-02) (AMAZON-02)
5 7	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	185.89.211.12 185.89.211.12	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:806::2006	15169 (GOOGLE) (GOOGLE)
4 4	213.155.156.182 213.155.156.182	1299 (TWELVE99 ...) (TWELVE99 Arelion)
2 2	37.157.2.234 37.157.2.234	198622 (ADFORM) (ADFORM)
5 5	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2620:116:800d... 2620:116:800d:21:e365:4988:e8a7:3270	16509 (AMAZON-02) (AMAZON-02)
2 2	3.121.39.140 3.121.39.140	16509 (AMAZON-02) (AMAZON-02)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:6f87:8fa1:6e97:141	16509 (AMAZON-02) (AMAZON-02)
2	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 1	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1 2	104.111.217.42 104.111.217.42	16625 (AKAMAI-AS) (AKAMAI-AS)
1	141.101.90.96 141.101.90.96	13335 (CLOUDFLAR...) (CLOUDFLARENET)
174	33

5 2606:4700:3108::ac42:283b (United States)

ASN13335 (CLOUDFLARENET, US)

cybernews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:d73b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3108::ac42:2bc5 (United States)

ASN13335 (CLOUDFLARENET, US)

media.cybernews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.134.248 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 172.217.16.130 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.105.8 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.122.24.207 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-24-207.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.220.9.90 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-9-90.eu-west-1.compute.amazonaws.com

r.scoota.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.80.39.216 (Canada) 5 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.211.12 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:806::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.155.156.182 (Sweden) 4 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-182.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.234 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.64.190.78 (United Kingdom) 5 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.121.39.140 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-39-140.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:6f87:8fa1:6e97:141 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.217.42 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-42.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.101.90.96 (United States)

ASN13335 (CLOUDFLARENET, US)

portal.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
55	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 29 stats.g.doubleclick.net — Cisco Umbrella Rank: 70 cm.g.doubleclick.net — Cisco Umbrella Rank: 206 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 319	148 KB
53	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 135	1021 KB
12	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 4179 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 68	2 KB
11	cybernews.com cybernews.com — Cisco Umbrella Rank: 287494 media.cybernews.com — Cisco Umbrella Rank: 414267	126 KB
9	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 283	308 KB
7	casalemedia.com 5 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 431 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 535	6 KB
6	gstatic.com www.gstatic.com	52 KB
6	google.de www.google.de — Cisco Umbrella Rank: 6058 adservice.google.de — Cisco Umbrella Rank: 8820	1 KB
5	pubmatic.com 5 redirects image6.pubmatic.com — Cisco Umbrella Rank: 731	3 KB
5	bidswitch.net 5 redirects x.bidswitch.net — Cisco Umbrella Rank: 297	2 KB
4	de17a.com 4 redirects d5p.de17a.com — Cisco Umbrella Rank: 4619	1 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 187	194 KB
4	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3519 onesignal.com — Cisco Umbrella Rank: 1310	82 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 210	3 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 25	20 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1227	461 B
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 794 r.turn.com — Cisco Umbrella Rank: 3277	869 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 743	2 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 549	1 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	2 KB
2	scoota.co 2 redirects r.scoota.co — Cisco Umbrella Rank: 31577	1 KB
2	blismedia.com 1 redirects tr.blismedia.com — Cisco Umbrella Rank: 1976	575 B
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 611	847 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 749 s.tribalfusion.com — Cisco Umbrella Rank: 1837	1 KB
2	mathtag.com 2 redirects sync.mathtag.com — Cisco Umbrella Rank: 470	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	158 KB
1	o2online.de portal.o2online.de — Cisco Umbrella Rank: 54791	607 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1455	351 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 740	711 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 446	714 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 31935	611 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 660	463 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 322	463 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 330	265 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 886	606 B
1	youtube.com img.youtube.com — Cisco Umbrella Rank: 3029	35 KB
174	36

	Domain	Requested by
31	cm.g.doubleclick.net	5 redirects cybernews.com googleads.g.doubleclick.net
28	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com s0.2mdn.net
25	pagead2.googlesyndication.com	cybernews.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net
19	googleads.g.doubleclick.net	www.googletagmanager.com pagead2.googlesyndication.com googleads.g.doubleclick.net
9	s0.2mdn.net	cybernews.com s0.2mdn.net
9	www.google.com	1 redirects cybernews.com googleads.g.doubleclick.net tpc.googlesyndication.com
6	www.gstatic.com	googleads.g.doubleclick.net
6	media.cybernews.com	cybernews.com
5	image6.pubmatic.com	5 redirects
5	x.bidswitch.net	5 redirects
5	cybernews.com	cybernews.com
4	d5p.de17a.com	4 redirects
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	www.googletagservices.com	googleads.g.doubleclick.net
4	www.google.de	cybernews.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	ssum-sec.casalemedia.com	3 redirects
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	www.google-analytics.com	cybernews.com www.google-analytics.com
2	onesignal.com	cdn.onesignal.com
2	sync.teads.tv	1 redirects googleads.g.doubleclick.net
2	googleads4.g.doubleclick.net	cybernews.com
2	pm.w55c.net	2 redirects
2	c1.adform.net	2 redirects
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	r.scoota.co	2 redirects
2	tr.blismedia.com	1 redirects googleads.g.doubleclick.net
2	sync-tm.everesttech.net	2 redirects
2	sync.mathtag.com	2 redirects
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.googletagmanager.com	cybernews.com www.googletagmanager.com
2	cdn.onesignal.com	cybernews.com cdn.onesignal.com
1	portal.o2online.de
1	rtb.openx.net	googleads.g.doubleclick.net
1	um.simpli.fi	1 redirects
1	r.turn.com	googleads.g.doubleclick.net
1	ad.turn.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	gcm.ctnsnet.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	pixel.rubiconproject.com	1 redirects
1	match.adsrvr.org	googleads.g.doubleclick.net
1	s.tribalfusion.com	cybernews.com
1	a.tribalfusion.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.analytics.google.com	www.googletagmanager.com
1	img.youtube.com	cybernews.com
174	48

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
www.youtube.com
www.linkedin.com
www.tiktok.com
flipboard.com
careers.cybernews.com

Subject Issuer	Validity	Valid
data-leak-check.cybernews.com E1	`2023-02-24` - `2023-05-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-03` - `2023-06-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.cybernews.com GTS CA 1P5	`2023-02-17` - `2023-05-18`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-02-12` - `2023-05-13`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh

This page contains 21 frames:

Primary Page: https://cybernews.com/security/powder-room-data-leak/
Frame ID: A855F7D50FA36BC021238DCB9E15FEDC
Requests: 48 HTTP requests in this frame

Frame: https://img.youtube.com/vi/xCSLqKEYp-s/hqdefault.jpg
Frame ID: 99101529B9D71E581A597C44A382E422
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20190131/zrt_lookup.html
Frame ID: A0F5A7AC8C9171DCB9A3A834D6E02866
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&adk=1812271804&adf=3025194257&lmt=1679581552&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x810_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fpowder-room-data-leak%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679611580752&bpp=4&bdt=175&idt=217&shv=r20230322&mjsv=m202303200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3806313459038&frm=20&pv=2&ga_vid=425464683.1679611580&ga_sid=1679611581&ga_hid=1199442171&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44777876%2C31073310%2C44786632&oid=2&pvsid=2069470042026804&tmod=272932682&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=256
Frame ID: 0D68231E80C289229866B05EDA9F4424
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=8387108948&adk=2217422274&adf=2933161405&pi=t.ma~as.8387108948&w=350&fwrn=4&fwrnh=100&lmt=1679581552&rafmt=1&format=350x280&url=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fpowder-room-data-leak%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679611580756&bpp=2&bdt=180&idt=255&shv=r20230322&mjsv=m202303200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3806313459038&frm=20&pv=1&ga_vid=425464683.1679611580&ga_sid=1679611581&ga_hid=1199442171&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1023&ady=1239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44777876%2C31073310%2C44786632&oid=2&pvsid=2069470042026804&tmod=272932682&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=yOitfeSumB&p=https%3A//cybernews.com&dtd=260
Frame ID: 016DA07912D7D535B7576F7C1294A416
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1679581552&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fpowder-room-data-leak%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679611580758&bpp=1&bdt=182&idt=263&shv=r20230322&mjsv=m202303200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=3806313459038&frm=20&pv=1&ga_vid=425464683.1679611580&ga_sid=1679611581&ga_hid=1199442171&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=3812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44777876%2C31073310%2C44786632&oid=2&pvsid=2069470042026804&tmod=272932682&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=zyCetYlXgy&p=https%3A//cybernews.com&dtd=266
Frame ID: A27DF4D9CCDBE72F29E4E34FA9AF2603
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjEq4PjATAB&v=APEucNWB_Snd0e0H-DxmxWH0sbXpbZLqrAV2lzSSqT_NC12ydjMNw8Ve-nxKwMSoLhF5xYVqGeNPLsL5gCzWsUnvrM1UYg4NP984lTAMOW5Rcs7jdO_QX4mpDlo-MJwrnvACKEdY1T3Lt0OoZUDCBKr6j1Mf2e4L4eAq4xE5eUMF-AvASX-Mtzk
Frame ID: A348FA02DC282EC5FF2E6D5910BA7C06
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 3F32ABB37B628941F8FFEEC543E0DBBD
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 16FC99FC422CA07896A19F8ADDC0D1B8
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1
Frame ID: B9B7F9AA55CC42119C1799EEE9D0BBCE
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1
Frame ID: 6441A442BB00FC89178F5EDA5D3EF650
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B482837B2B0F818F4D77F03D9067F7B9
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 525AD2BED02358BA016FE18F52D3C0F8
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 00218029439585617366A62DC54C4707
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 58038F8B544C09D19318AB9BD734131D
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5ZLoQB_z02QzB_hHqtk5fVBr8jKba2eTnMK3sia1eD8.js
Frame ID: 712F3E8F7D8033E0085B7A5D516F2D72
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E3E47D1901FBA36B5CE923A1BDFDD682
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=SHrxPg1C6x&t=1&renderingType=2&ev=01_247
Frame ID: 57FF4036136AC182958179E5EDDF80F8
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 34CFB44CA13B60030FD452BEA4EFA304
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 38018B4E86A246E1E561FDDFC102CF4E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5ZLoQB_z02QzB_hHqtk5fVBr8jKba2eTnMK3sia1eD8.js
Frame ID: 1AE3970E286A55256AF65970B4039AB9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

A million at risk from user data leak at Korean beauty platform | Cybernews

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Page Statistics

174
Requests

84 %
HTTPS

55 %
IPv6

36
Domains

48
Subdomains

33
IPs

9
Countries

2155 kB
Transfer

4807 kB
Size

47
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/CyberNews

Search URL Search Domain Scan URL

URL: https://www.facebook.com/cybernewscom/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/CyberNews

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/cybernews

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@cybernewscom

Search URL Search Domain Scan URL

URL: https://flipboard.com/@CyberNews_com

Search URL Search Domain Scan URL

URL: https://careers.cybernews.com/
Title: Careers

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 81

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEIcbb6xlwtTgQ8ToEcbsE0U&google_cver=1&google_push=Aer7DvIbLUgse8GhAY44jOFGwKeLbED1h6rT0g7vRWzpUwiFcaeIbPN1RuRC7y7tG-37p61aNK7eZTfYQ0SHmpy0ACEcoYsONM7EtHm2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvIbLUgse8GhAY44jOFGwKeLbED1h6rT0g7vRWzpUwiFcaeIbPN1RuRC7y7tG-37p61aNK7eZTfYQ0SHmpy0ACEcoYsONM7EtHm2

Request Chain 82

https://a.tribalfusion.com/i.match?p=b6&u=CAESEGPpZUj7egCvJNNTs2CsKb4&google_cver=1&google_push=Aer7DvKTz9xMtBEZEtN7jnhrmc9K8ctPVZugkdv2tIE9Pjj6ypzHu6gChO9ftMc9oN4Mnm5PJThAR53nb6lZoN3cuz62KD-Qrp9GggoR&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvKTz9xMtBEZEtN7jnhrmc9K8ctPVZugkdv2tIE9Pjj6ypzHu6gChO9ftMc9oN4Mnm5PJThAR53nb6lZoN3cuz62KD-Qrp9GggoR%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGPpZUj7egCvJNNTs2CsKb4&google_cver=1&google_push=Aer7DvKTz9xMtBEZEtN7jnhrmc9K8ctPVZugkdv2tIE9Pjj6ypzHu6gChO9ftMc9oN4Mnm5PJThAR53nb6lZoN3cuz62KD-Qrp9GggoR&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvKTz9xMtBEZEtN7jnhrmc9K8ctPVZugkdv2tIE9Pjj6ypzHu6gChO9ftMc9oN4Mnm5PJThAR53nb6lZoN3cuz62KD-Qrp9GggoR%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 83

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESENjJITHJuLBewbApJhvnEqs&google_cver=1&google_push=Aer7DvJWTKWEYBpQ9WMSUADO3lQFqMJG8G491qrBSI3FOmR55DxZe3csmVb8YxQl4K1ZjIv2FJWs2la0G3irh3Qp4SLESNydiBwFC3Zy HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENjJITHJuLBewbApJhvnEqs&google_push=Aer7DvJWTKWEYBpQ9WMSUADO3lQFqMJG8G491qrBSI3FOmR55DxZe3csmVb8YxQl4K1ZjIv2FJWs2la0G3irh3Qp4SLESNydiBwFC3Zy

Request Chain 86

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFQS2oEhgZAEes3FOTwKtSI&google_cver=1&google_push=Aer7DvItc-mVRxZqHC3TyGK-6kga6-vye4Xoe3CNolvve2B7eueGTI8rS9aOFHERrCisCA45MFaQIkWNmsZzlkp1W4f086X-BENx_kh2 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEFQS2oEhgZAEes3FOTwKtSI&google_cver=1&google_push=Aer7DvItc-mVRxZqHC3TyGK-6kga6-vye4Xoe3CNolvve2B7eueGTI8rS9aOFHERrCisCA45MFaQIkWNmsZzlkp1W4f086X-BENx_kh2 HTTP 302
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=36d209b1-8ff0-4daf-b29c-c48200a60af2&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx-32va1sSZMuS3u75VxCvFBlaVp4rKTCQeK3jNlIuM4K0BNC09ogmBhrS6kAh0txz6oO4BIGwAo2_BZgvi0_tzrJwDt3VelqzNg&google_hm=-bjP6KSEQ7CPmI7WwfTo9Q==

Request Chain 87

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEM2NJeSfRC4R20tOg1UJi8&google_cver=1&google_push=Aer7DvL-ijUwc6cjedjcTbFiJpx6PUmzr2RRk9irJuKuaZnsZqULadALR1mwoFfS_QCMnfcnZTEDIoDDMorS6QD39dshsDFfdFbYHrU HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEEM2NJeSfRC4R20tOg1UJi8&google_push=Aer7DvL-ijUwc6cjedjcTbFiJpx6PUmzr2RRk9irJuKuaZnsZqULadALR1mwoFfS_QCMnfcnZTEDIoDDMorS6QD39dshsDFfdFbYHrU&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEM2NJeSfRC4R20tOg1UJi8&google_hm=ZBzWvf-FpoySnzsRKJcNVwAACFkAAAAB&google_nid=index&google_push=Aer7DvL-ijUwc6cjedjcTbFiJpx6PUmzr2RRk9irJuKuaZnsZqULadALR1mwoFfS_QCMnfcnZTEDIoDDMorS6QD39dshsDFfdFbYHrU

Request Chain 89

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAj4UMspqCgw1IDTZWIABwc&google_cver=1

Request Chain 90

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZBzWvf.FpoySnzsRKJcNVwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAj4UMspqCgw1IDTZWIABwc&google_cver=1&google_hm=2

Request Chain 91

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEIBRWQnQpxUjU0wVHu8M3CU&google_cver=1

Request Chain 92

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzAzNTE5MTM2NzczMDg1MzQ0OQ%3D%3D

Request Chain 120

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEHEeZ5LMRB7WjgzZe0SjKec&google_cver=1&google_push=Aa02lx-dPK-PiAEsYz95P5A-824qA8-ih_iFpQ7YAxM9OPBEz0Iu0ZPK6rRwZk4wpzpodp25Ca9YtBMmI5rNIZxSFYtl5zBu1fNbev0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx-dPK-PiAEsYz95P5A-824qA8-ih_iFpQ7YAxM9OPBEz0Iu0ZPK6rRwZk4wpzpodp25Ca9YtBMmI5rNIZxSFYtl5zBu1fNbev0

Request Chain 121

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESECuO098G7QVeeynuFamzGo4&google_cver=1&google_push=Aa02lx8wL3bmJQ42ETVoOZ6OU4DMaTWvIrIMWbQVfbxW9pZwtn0ckkpPksoHu1U8NEV8g2o-_PnT7pkZTMTgJoZwotYCn-NstBD4BQA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WkJ6V3ZRQUQ0anFPcUFBOQ==&google_gid=CAESECuO098G7QVeeynuFamzGo4&google_cver=1&google_push=Aa02lx8wL3bmJQ42ETVoOZ6OU4DMaTWvIrIMWbQVfbxW9pZwtn0ckkpPksoHu1U8NEV8g2o-_PnT7pkZTMTgJoZwotYCn-NstBD4BQA

Request Chain 122

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAyyKvs2VVB4C9VPkv5p7cw&google_cver=1&google_push=Aa02lx9xkDX5E6WEvKO1PiltFxcDSSXMZgnCYzPkc-iQFTrxK9WqQUHVvV3y0Z-zjQ2hdESUlDyJ-EWPRdguABCRilfb60I6eXm3Nw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx9xkDX5E6WEvKO1PiltFxcDSSXMZgnCYzPkc-iQFTrxK9WqQUHVvV3y0Z-zjQ2hdESUlDyJ-EWPRdguABCRilfb60I6eXm3Nw&google_hm=-bjP6KSEQ7CPmI7WwfTo9Q==

Request Chain 123

https://d5p.de17a.com/cookies/google?google_gid=CAESEOB2WrwC346j0cWuguiizVA&google_cver=1&google_push=Aa02lx_aiBXrU0Q-Fu3njeTtH2yUxP2mFL44tf_-a1rypqvJ58KUCitWFIq2tAAE-jR5e2iLhC7rC3cDnm1czd_I6BQsbY9UrlZnu-8 HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEOB2WrwC346j0cWuguiizVA&google_cver=1&google_push=Aa02lx_aiBXrU0Q-Fu3njeTtH2yUxP2mFL44tf_-a1rypqvJ58KUCitWFIq2tAAE-jR5e2iLhC7rC3cDnm1czd_I6BQsbY9UrlZnu-8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx_aiBXrU0Q-Fu3njeTtH2yUxP2mFL44tf_-a1rypqvJ58KUCitWFIq2tAAE-jR5e2iLhC7rC3cDnm1czd_I6BQsbY9UrlZnu-8

Request Chain 124

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDQ15S4-fXm6B4J47mZQ1Hc&google_cver=1&google_push=Aa02lx8rrSgQS4_gcM_gHXxwCkHWMtb2U9bQQ3o7ULSj87K8Yr4MYpLbi1w0w7kNC2EBkOJN8e99YPFyIlbiN5lq5lTcGcglu5VyuQ HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDQ15S4-fXm6B4J47mZQ1Hc&google_cver=1&google_push=Aa02lx8rrSgQS4_gcM_gHXxwCkHWMtb2U9bQQ3o7ULSj87K8Yr4MYpLbi1w0w7kNC2EBkOJN8e99YPFyIlbiN5lq5lTcGcglu5VyuQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzYxNjQ4MTcxOTU1NzMwODQwOA&google_push=Aa02lx8rrSgQS4_gcM_gHXxwCkHWMtb2U9bQQ3o7ULSj87K8Yr4MYpLbi1w0w7kNC2EBkOJN8e99YPFyIlbiN5lq5lTcGcglu5VyuQ

Request Chain 125

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEADU6RL4ioq_DB10div20_E&google_cver=1&google_push=Aa02lx8ySM-f4YW4ijJtisB1zedvFatpCCrBxoiv-BYHDf94M5JASCIa_xNM1iXuBxP-_nByzXMBePp_QXOA5wPObMGAXF_NqaKXZvU HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEADU6RL4ioq_DB10div20_E&google_cver=1&google_push=Aa02lx8ySM-f4YW4ijJtisB1zedvFatpCCrBxoiv-BYHDf94M5JASCIa_xNM1iXuBxP-_nByzXMBePp_QXOA5wPObMGAXF_NqaKXZvU&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=BbAGckXlRwGvfdQ4tB8GlA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx8ySM-f4YW4ijJtisB1zedvFatpCCrBxoiv-BYHDf94M5JASCIa_xNM1iXuBxP-_nByzXMBePp_QXOA5wPObMGAXF_NqaKXZvU

Request Chain 126

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGDDNU4EyflAigGt-mQV280&google_cver=1&google_push=Aa02lx9wYbmPheQ-WcF59cpBEfCBGTRUhJK1Ze40SDQafDKOHAw9sumtXFgxuY39hn_8nhCvHA74uoNSZWku8Ilr6QSta5Rbk_LkdA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZMUERCM0ctMVktQUw5MQ==&google_push=Aa02lx9wYbmPheQ-WcF59cpBEfCBGTRUhJK1Ze40SDQafDKOHAw9sumtXFgxuY39hn_8nhCvHA74uoNSZWku8Ilr6QSta5Rbk_LkdA

Request Chain 128

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 133

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEM0jcXQuiCCcubs9fr0mB7s&google_cver=1&google_push=Aa02lx-Q30QsVjppt9vP8gffX2r-PTzjMgUo9IIa71SOlbPqgtlO1SJ2pXC_zWLz4sm75X-k8R496ZreRNuQ-b3SCtOlwlwtcBlVcTcQ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEM0jcXQuiCCcubs9fr0mB7s&google_cver=1&google_push=Aa02lx-Q30QsVjppt9vP8gffX2r-PTzjMgUo9IIa71SOlbPqgtlO1SJ2pXC_zWLz4sm75X-k8R496ZreRNuQ-b3SCtOlwlwtcBlVcTcQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RFhkTVdBWHYxUEZ0SG81&google_gid=CAESEM0jcXQuiCCcubs9fr0mB7s&google_cver=1&google_push=Aa02lx-Q30QsVjppt9vP8gffX2r-PTzjMgUo9IIa71SOlbPqgtlO1SJ2pXC_zWLz4sm75X-k8R496ZreRNuQ-b3SCtOlwlwtcBlVcTcQ

Request Chain 134

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEBXzGk1j7DRZFC0Birmu6WE&google_cver=1&google_push=Aa02lx__2Qofsk1dQZs5SVOKapbQrjz45ywb7DauSl6r-yPs-hPv1xlNUIA3NdB0jpTxPMVOKmITW7b_CLRh_THOU4dwqB9_xaa83ZiN HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx__2Qofsk1dQZs5SVOKapbQrjz45ywb7DauSl6r-yPs-hPv1xlNUIA3NdB0jpTxPMVOKmITW7b_CLRh_THOU4dwqB9_xaa83ZiN&google_hm=o8dTsltCQjqKCNIbI2ag4YY

Request Chain 135

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAyyKvs2VVB4C9VPkv5p7cw&google_cver=1&google_push=Aa02lx-32va1sSZMuS3u75VxCvFBlaVp4rKTCQeK3jNlIuM4K0BNC09ogmBhrS6kAh0txz6oO4BIGwAo2_BZgvi0_tzrJwDt3VelqzNg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx-32va1sSZMuS3u75VxCvFBlaVp4rKTCQeK3jNlIuM4K0BNC09ogmBhrS6kAh0txz6oO4BIGwAo2_BZgvi0_tzrJwDt3VelqzNg&google_hm=-bjP6KSEQ7CPmI7WwfTo9Q==

Request Chain 136

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPsGd3gbvqtLphBxmMZBhAU&google_cver=1&google_push=Aa02lx_pEKXIp4bhWfwIeebYwcEbt_OxXupThtjf0nzR5K8Hnio5rTqdFD4DttFmmIjQ0L9x3ejsrnYTkD0uO5KTD9kro1vVuAqxu_nZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_pEKXIp4bhWfwIeebYwcEbt_OxXupThtjf0nzR5K8Hnio5rTqdFD4DttFmmIjQ0L9x3ejsrnYTkD0uO5KTD9kro1vVuAqxu_nZ&google_hm=eS1Wd2RSaGE5RTJwSHEzbjV5SEpTRGNFc1dQTkQzcC4wNn5B

Request Chain 137

https://d5p.de17a.com/cookies/google?google_gid=CAESEOB2WrwC346j0cWuguiizVA&google_cver=1&google_push=Aa02lx9W2tYYLx0VmcTyfo6lhmkRiA_U6nsj48Qm1LaZTk-oVTuDyNNT5WuniCC8R1vyohx01CbwySRbSu6ik30HU0JxpFFReY1lge4f HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEOB2WrwC346j0cWuguiizVA&google_cver=1&google_push=Aa02lx9W2tYYLx0VmcTyfo6lhmkRiA_U6nsj48Qm1LaZTk-oVTuDyNNT5WuniCC8R1vyohx01CbwySRbSu6ik30HU0JxpFFReY1lge4f HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx9W2tYYLx0VmcTyfo6lhmkRiA_U6nsj48Qm1LaZTk-oVTuDyNNT5WuniCC8R1vyohx01CbwySRbSu6ik30HU0JxpFFReY1lge4f

Request Chain 138

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEADU6RL4ioq_DB10div20_E&google_cver=1&google_push=Aa02lx-eu6rzFiPIqiCMIuE9r2RMfdWAneIngd3cCazNwg_DpSxdEG3CkuaKSZuy53XBfGPZz8nlt2nm1T8yN1NsHIxdqxH3mPaLaFg HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEADU6RL4ioq_DB10div20_E&google_cver=1&google_push=Aa02lx-eu6rzFiPIqiCMIuE9r2RMfdWAneIngd3cCazNwg_DpSxdEG3CkuaKSZuy53XBfGPZz8nlt2nm1T8yN1NsHIxdqxH3mPaLaFg&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Sht6NjlkQcW32gPGyNuRjw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx-eu6rzFiPIqiCMIuE9r2RMfdWAneIngd3cCazNwg_DpSxdEG3CkuaKSZuy53XBfGPZz8nlt2nm1T8yN1NsHIxdqxH3mPaLaFg

Request Chain 144

https://ad.turn.com/r/cs?pid=3&google_gid=CAESED3osJ1o6EE9Kz5xiQGbwFk&google_cver=1&google_push=Aer7DvLXbWveQbAW-eKrW3iR7FycJOOrfHKgOnCnnzUudU-EPTV2RoByD6tV-DWrHSzzrfKx7a1Oa9VINhj32ofj0rpZcaibDrmuhUY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzkwMDQ5NzgwMDcxMDg2ODk3MA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESED3osJ1o6EE9Kz5xiQGbwFk&google_cver=1

Request Chain 145

https://um.simpli.fi/gp_match?google_gid=CAESEMmL4ld6LYKUg3t2HgItRuk&google_cver=1&google_push=Aer7DvKEqLhi0iV7ptekjb6cvKdjX_vTdYCIQU-W0hev5trWy_1cjMOiPg_FpbRmOqQ8IEvEnYjve-FLhq4yvzMg_BOOaTheH_JKIQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0F346112DE654D6AA91F661085569971&google_push=Aer7DvKEqLhi0iV7ptekjb6cvKdjX_vTdYCIQU-W0hev5trWy_1cjMOiPg_FpbRmOqQ8IEvEnYjve-FLhq4yvzMg_BOOaTheH_JKIQ

Request Chain 146

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEIixf9-OG8wnStuwpb1oJ0w&google_cver=1&google_push=Aer7DvJfZFQvu0ZJtXlSz2KjGRLwhcHuZSGeA8ghUU4SROCFo_qqMEUbcrGKtexFKPNP2Cg4iP42UYS-IRh2Ts4AO9fPTFxT_52va9k HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=Aer7DvJfZFQvu0ZJtXlSz2KjGRLwhcHuZSGeA8ghUU4SROCFo_qqMEUbcrGKtexFKPNP2Cg4iP42UYS-IRh2Ts4AO9fPTFxT_52va9k&google_hm=hmQc1r1PjhfEftq0Kg&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D641CD6BD4F8E17C47EDAB42ABLIS

Request Chain 148

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIj9lVbN0t_3lrlnZ1R9Yp0&google_cver=1&google_push=Aer7DvJDktxFpOQlPIOubeTo57TICiA0cu3F70-hJwAq2O2o613BpfpvaqBO0AV9oGyO1lQRnjl889E_DpsTDepKUF1zVzMl-QTGe9I HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WJNBgFN2QJO0flY_AthWTg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvJDktxFpOQlPIOubeTo57TICiA0cu3F70-hJwAq2O2o613BpfpvaqBO0AV9oGyO1lQRnjl889E_DpsTDepKUF1zVzMl-QTGe9I

Request Chain 149

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEBGBH6Hm5kST96KhzKiWsE&google_cver=1&google_push=Aer7DvIu7vyT88P3tsHEYMQA7T87tm7ybtBamdDabv8yhCUEOoU34iS5woVlmSn_0ISixkOdV836tATAronGes_81Uw1XoN_9BjUrgA HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEBGBH6Hm5kST96KhzKiWsE&google_hm=ZBzWvf-FpoySnzsRKJcNVwAACFkAAAAB&google_nid=index&google_push=Aer7DvIu7vyT88P3tsHEYMQA7T87tm7ybtBamdDabv8yhCUEOoU34iS5woVlmSn_0ISixkOdV836tATAronGes_81Uw1XoN_9BjUrgA

Request Chain 150

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEONM0AC1MfOVETwDIf_tbdc&google_cver=1&google_push=Aer7DvIzVZin0wskGC7X5mqRXzzPn_b-qfY_5LDE4LvnhEdhpXxb0swLgbmclyNfwgLPOpys_lzpQT74RCM3Xzrru5HFZWzK178bEP-s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aer7DvIzVZin0wskGC7X5mqRXzzPn_b-qfY_5LDE4LvnhEdhpXxb0swLgbmclyNfwgLPOpys_lzpQT74RCM3Xzrru5HFZWzK178bEP-s HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

174 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
cybernews.com/security/powder-room-data-leak/ 130 KB
30 KB 232ms
187ms Document
text/html 2606:4700:3108::ac42:283b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cybernews.com/security/powder-room-data-leak/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:283b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53b8c7382749fd9c13155bded67982b0365829f28272b166dceb15a8573ee83b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 7aca35b97bd01cb1-AMS
content-encoding: br
content-security-policy: default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
ct-content-bucket: Security
ct-content-type: Editorial
date: Thu, 23 Mar 2023 22:46:20 GMT
expires: Fri, 24 Mar 2023 02:46:20 GMT
last-modified: Thu, 23 Mar 2023 14:25:52 GMT
referrer-policy: no-referrer
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 54ms
24ms Script
application/javascript 2606:4700::6812:d73b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/powder-room-data-leak/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

459dc02737a8127153538d8b7811fbaff4e4e0ce003936a61f2d06b3975b10e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:46:20 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 808
etag: W/"8256f101039245592bc7dcc5496ed987"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7aca35baf9a70be3-AMS
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 26 Mar 2023 22:46:20 GMT

GET
H2 200 base-9bd202b6a2.js Show response
cybernews.com/js/ 23 KB
9 KB 40ms
39ms Script
application/javascript 2606:4700:3108::ac42:283b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cybernews.com/js/base-9bd202b6a2.js

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/powder-room-data-leak/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:283b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5f63e271056ce6a47a22f4676897b74e5b67f8f8244cc49a07a9a6dd6d256e4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:46:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
content-security-policy: default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests;
age: 40910
cf-polished: origSize=23850
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 22 Mar 2023 12:23:25 GMT
cf-bgj: minify
server: cloudflare
etag: W/"641af33d-5d2a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 7aca35bacdfa1cb1-AMS
expires: Fri, 24 Mar 2023 02:46:20 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 140 KB
48 KB 102ms
64ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5928161074779380

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/powder-room-data-leak/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f0e2bc60ec1815c862acb7282ecf619909c7902e0b4a6fcc0e444d0cc5b9993

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://cybernews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:46:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48740
x-xss-protection: 0
server: cafe
etag: 15760203801779634702
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 22:46:20 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 230 KB
80 KB 75ms
23ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KMWQ6GT

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/powder-room-data-leak/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e143f2cdf70bed2e53adfad635bb27c1134a7f80ebd688bc977e001190ebf5e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:46:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81557
x-xss-protection: 0
last-modified: Thu, 23 Mar 2023 22:06:46 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 23 Mar 2023 22:46:20 GMT

GET
DATA 200
OK truncated
/ 61 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 34a9b8c3e6088d42a01e3cf800492030fe7432bc24fa9f6ce83e8471f4ab58b2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 61 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e138d129f38769d7080ed6ac6519dce8a4d546b7da5709b12aedff39673fa021

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f290a3a287182664a81ea150c04e7d1a451f1bf74f6738b43d382e3d40d98002

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 63 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9fca9ae04b4bca7ef7d4f2c43505769b1f03fd173ecf3871dd7b7ee0f115dd48

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 62 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ab8f0b6cec3eb6cd02efd0a9324053b868cac7dcda99fc89871b4e87141bdf14

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 Paulina.jpg
media.cybernews.com/2022/12/ 30 KB
30 KB 107ms
62ms Image
image/jpeg 2606:4700:3108::ac42:2bc5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.cybernews.com/2022/12/Paulina.jpg

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/powder-room-data-leak/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2bc5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f1a2f37f367dad6da7a586ac996af87f89cc0512df1bd9a6d964809d7d0e7ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:46:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 b26a5eb677aed7368a2c7fd7f1d673dc.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: AMS1-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30591
last-modified: Wed, 14 Dec 2022 10:03:02 GMT
server: cloudflare
etag: "0a6d524cc0d74b82582791ae4959cd2c"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=15780000
accept-ranges: bytes
cf-ray: 7aca35bb8f0ab8af-AMS
x-amz-cf-id: TGgd4OIk7k5tcm1P-HJwcClmBCjjDxKKhF7cxNAJE-G8vX6Jxz_egg==
expires: Fri, 22 Sep 2023 14:06:20 GMT

GET
H2 200 PowderRoomresearch.png
media.cybernews.com/images/750w/2023/03/ 29 KB
30 KB 240ms
196ms Image
image/avif 2606:4700:3108::ac42:2bc5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.cybernews.com/images/750w/2023/03/PowderRoomresearch.png

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/powder-room-data-leak/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2bc5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ec6235eea2e87158759e988c1dc63a169989f354fc98f7985eabffa15b4bfa7

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:46:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30192
cf-resized: internal=ram/h q=0 n=20+132 c=0+0 v=2023.3.4 l=30192
last-modified: Thu, 23 Mar 2023 09:16:51 GMT
cf-bgj: imgq:90,h2pri
server: cloudflare
etag: "cfTjUMQ12A2C-EGyq0by10Uajau5KfpxHRw9djGO55DQ:6a22e6a542f03702130fe58863e733db"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=15780000
accept-ranges: bytes
cf-ray: 7aca35bb8f0cb8af-AMS

GET
H2 200 Lionsgate.jpg
media.cybernews.com/images/thumbnail/2023/03/ 9 KB
10 KB 79ms
35ms Image
image/avif 2606:4700:3108::ac42:2bc5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.cybernews.com/images/thumbnail/2023/03/Lionsgate.jpg

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/powder-room-data-leak/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2bc5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

698aec61cbf993902247d58bfb7e3c7211af89911bc1c9846b9ff078f59a1e7d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:46:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 b008895ea3b659b7dfd773d182993c34.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9524
cf-resized: internal=ram/h q=0 n=38+149 c=0+0 v=2023.3.4 l=9524
last-modified: Mon, 20 Mar 2023 13:15:20 GMT
cf-bgj: imgq:90,h2pri
server: cloudflare
etag: "cfLtBehYvMVHMvA4iEejE1GlU1Pri99XVCPD58WiJxDQ:eb6beb3ee6a0539110a93ad064c0d11b"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=15780000
accept-ranges: bytes
cf-ray: 7aca35bb8f0db8af-AMS

GET
H2 200 tax-season-phishing.png
media.cybernews.com/images/thumbnail_small/2023/03/ 3 KB
4 KB 83ms
39ms Image
image/avif 2606:4700:3108::ac42:2bc5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.cybernews.com/images/thumbnail_small/2023/03/tax-season-phishing.png

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/powder-room-data-leak/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2bc5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb59134d914edaedc624ed442a2619572b977ab6233a14b51a1bd44b6882a01c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:46:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 e56228855f326dc3f2b1babb353bf66e.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3581
cf-resized: internal=ram/h q=0 n=33+0 c=25+76 v=2023.3.4 l=3581
last-modified: Mon, 20 Mar 2023 13:28:03 GMT
cf-bgj: imgq:90,h2pri
server: cloudflare
etag: "cfRHCXW1Z-jtFZL2SzF0f1R_fv8iFZYhIqdjUqgfspDQ:9ead420c071f8339174a0815f2618407"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=15780000
accept-ranges: bytes
cf-ray: 7aca35bb8f0eb8af-AMS

GET
H2 200 mars_0317.jpg
media.cybernews.com/images/thumbnail_small/2023/03/ 3 KB
3 KB 80ms
36ms Image
image/avif 2606:4700:3108::ac42:2bc5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.cybernews.com/images/thumbnail_small/2023/03/mars_0317.jpg

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/powder-room-data-leak/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2bc5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbaad671eb2f5640175563ee7c9e509538dc5ae77e0d507e1a5bd9772f40f49d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:46:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 4a239bcf6999860d9ff48f3a45dc801c.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2590
cf-resized: internal=ram/h q=0 n=9+0 c=5+60 v=2023.3.4 l=2590
last-modified: Fri, 17 Mar 2023 10:49:52 GMT
cf-bgj: imgq:90,h2pri
server: cloudflare
etag: "cfTxja4ZaFQSz_YY7erp6bZPA98iFZYhIqdjUqgfspDQ:c19f0b439b28e573081b7c7da15cbec6"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=15780000
accept-ranges: bytes
cf-ray: 7aca35bb8f0fb8af-AMS

GET
H2 200 SafranGroupleak.png
media.cybernews.com/images/thumbnail_small/2023/03/ 4 KB
4 KB 82ms
39ms Image
image/avif 2606:4700:3108::ac42:2bc5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.cybernews.com/images/thumbnail_small/2023/03/SafranGroupleak.png

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/powder-room-data-leak/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2bc5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0454e0c911f091c65c307b4d5bcc91457434192ca6832ad3f5137a314fe4ff8f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:46:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 0e47e65a81d7993af7f63688479ecb90.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3973
cf-resized: internal=ram/e q=0 n=135+0 c=22+84 v=2023.3.4 l=3973
last-modified: Tue, 14 Mar 2023 05:20:36 GMT
cf-bgj: imgq:90,h2pri
server: cloudflare
etag: "cfC5eR6GTxhfIA-nReSqDr50eb8iFZYhIqdjUqgfspDQ:0454ff0f76ae17fc3688d57e39dda557"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=15780000
accept-ranges: bytes
cf-ray: 7aca35bb8f11b8af-AMS

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/xCSLqKEYp-s/ Frame 9910 35 KB
35 KB 99ms
23ms Image
image/jpeg 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/xCSLqKEYp-s/hqdefault.jpg

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/powder-room-data-leak/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f272ab3eea611edf7c68a31f8dd9b204b2fdccfe4c8d1bc3a498eccdcdd2ae3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 21:53:26 GMT
x-content-type-options: nosniff
age: 3174
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35549
x-xss-protection: 0
server: sffe
etag: "1679041614"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 23 Mar 2023 23:53:26 GMT

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
68 KB 32ms
31ms Script
application/javascript 2606:4700::6812:d73b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151600

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19a2e703c09b3d066e18f4426c332665bf08ec02456bcccdb20d2fffe4645ab9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:46:20 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 830
etag: W/"3d37cd0d64713e75df2c67fb7c907496"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7aca35bb5a310be3-AMS
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 26 Mar 2023 22:46:20 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 103ms
27ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/powder-room-data-leak/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 23 Mar 2023 22:05:11 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 2469
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Fri, 24 Mar 2023 00:05:11 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/589784210/ 3 KB
2 KB 66ms
29ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/589784210/?random=1679611580731&cv=11&fst=1679611580731&bg=ffffff&guid=ON&async=1&gtm=45He33m0&u_w=1600&u_h=1200&url=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fpowder-room-data-leak%2F&hn=www.googleadservices.com&frm=0&tiba=A%20million%20at%20risk%20from%20user%20data%20leak%20at%20Korean%20beauty%20platform%20%7C%20Cybernews&auid=1030214003.1679611581&uamb=0&uaw=0&data=contentBucket%3DSecurity%3BcontentType%3DEditorial&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KMWQ6GT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d87bc3eed25e4bb8a73cb9a1c1498866f2e7cbd81b9f6ad473a89ec0669a006

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:46:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1278
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 223 KB
78 KB 22ms
21ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KT8DKCHF41&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KMWQ6GT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d7e5de6c0e742c2fa01e3eaf2a550e210630445fa4dd014d21faee8199fade0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:46:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79334
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 23 Mar 2023 22:46:20 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303200101/ 350 KB
117 KB 117ms
83ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5928161074779380&plah=cybernews.com&bust=31073310

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5928161074779380

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25b13af8c099b9f6d701835f1d36aabb860b7aedd976b28e755388be2ccf7b65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:46:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119513
x-xss-protection: 0
server: cafe
etag: 17824256722241114282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 22:46:20 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230322/r20190131/ Frame A0F5 10 KB
5 KB 18ms
16ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230322/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5928161074779380

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 6432
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 20:59:08 GMT
etag: 2378337311435320485
expires: Thu, 06 Apr 2023 20:59:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
252 B 52ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-KT8DKCHF41&gtm=45je33m0&_p=1199442171&_gaz=1&cid=425464683.1679611580&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1679611580&sct=1&seg=0&dl=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fpowder-room-data-leak%2F&dt=A%20million%20at%20risk%20from%20user%20data%20leak%20at%20Korean%20beauty%20platform%20%7C%20Cybernews&en=page_view&_fv=1&_ss=1&ep.contentBucket=Security
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KT8DKCHF41&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:46:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cybernews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
252 B 61ms
19ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-KT8DKCHF41&cid=425464683.1679611580&gtm=45je33m0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KT8DKCHF41&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:46:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cybernews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 86ms
24ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-KT8DKCHF41&cid=425464683.1679611580&gtm=45je33m0&aip=1&z=182423672

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/powder-room-data-leak/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:46:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
207 B 22ms
20ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1199442171&t=pageview&_s=1&dl=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fpowder-room-data-leak%2F&ul=en-us&de=UTF-8&dt=A%20million%20at%20risk%20from%20user%20data%20leak%20at%20Korean%20beauty%20platform%20%7C%20Cybernews&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAAAACAAI~&jid=1951002697&gjid=759831813&cid=425464683.1679611580&tid=UA-149779697-1&_gid=1403519846.1679611581&_r=1&_slc=1&cd1=Paulina%20Okunyt%C4%97&cd2=Security&cd3=Editorial&z=1169385996

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:46:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cybernews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
69 B 21ms
20ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1199442171&t=event&ni=1&_s=1&dl=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fpowder-room-data-leak%2F&ul=en-us&de=UTF-8&dt=A%20million%20at%20risk%20from%20user%20data%20leak%20at%20Korean%20beauty%20platform%20%7C%20Cybernews&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=cookieFooter&ea=load&el=organic&_u=YADAAEABAAAAACAAI~&jid=510675397&gjid=494948723&cid=425464683.1679611580&tid=UA-149779697-1&_gid=1403519846.1679611581&_r=1&cd1=Paulina%20Okunyt%C4%97&cd2=Security&cd3=Editorial&gtm=45He33m0n81KMWQ6GT&cg1=Security&cg2=Editorial&cd6=2023-03-23T22%3A46%3A20.739Z&z=2015832416

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:46:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cybernews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/589784210/ 42 B
154 B 93ms
35ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/589784210/?random=1679611580731&cv=11&fst=1679608800000&bg=ffffff&guid=ON&async=1&gtm=45He33m0&u_w=1600&u_h=1200&url=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fpowder-room-data-leak%2F&frm=0&tiba=A%20million%20at%20risk%20from%20user%20data%20leak%20at%20Korean%20beauty%20platform%20%7C%20Cybernews&data=contentBucket%3DSecurity%3BcontentType%3DEditorial&fmt=3&is_vtc=1&random=915663272&rmt_tld=0&ipr=y

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/powder-room-data-leak/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:46:20 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/589784210/ 42 B
455 B 32ms
24ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/589784210/?random=1679611580731&cv=11&fst=1679608800000&bg=ffffff&guid=ON&async=1&gtm=45He33m0&u_w=1600&u_h=1200&url=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fpowder-room-data-leak%2F&frm=0&tiba=A%20million%20at%20risk%20from%20user%20data%20leak%20at%20Korean%20beauty%20platform%20%7C%20Cybernews&data=contentBucket%3DSecurity%3BcontentType%3DEditorial&fmt=3&is_vtc=1&random=915663272&rmt_tld=1&ipr=y

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/powder-room-data-leak/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:46:20 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 20ms
19ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-149779697-1&cid=425464683.1679611580&jid=1951002697&gjid=759831813&_gid=1403519846.1679611581&_u=IADAAEAAAAAAACAAI~&z=1181499710

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 23 Mar 2023 22:46:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cybernews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 20ms
19ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-149779697-1&cid=425464683.1679611580&jid=510675397&gjid=494948723&_gid=1403519846.1679611581&_u=YADAAEABAAAAACAAI~&z=56958209

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 23 Mar 2023 22:46:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cybernews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 53ms
26ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-149779697-1&cid=425464683.1679611580&jid=1951002697&_u=IADAAEAAAAAAACAAI~&z=980468898

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/powder-room-data-leak/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:46:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 26ms
24ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-149779697-1&cid=425464683.1679611580&jid=1951002697&_u=IADAAEAAAAAAACAAI~&z=980468898

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/powder-room-data-leak/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:46:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 47ms
27ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-149779697-1&cid=425464683.1679611580&jid=510675397&_u=YADAAEABAAAAACAAI~&z=1764231919

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/powder-room-data-leak/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:46:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 24ms
23ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-149779697-1&cid=425464683.1679611580&jid=510675397&_u=YADAAEABAAAAACAAI~&z=1764231919

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/powder-room-data-leak/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:46:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
606 B 59ms
22ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=cybernews.com&callback=_gfp_s_&client=ca-pub-5928161074779380

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5928161074779380&plah=cybernews.com&bust=31073310

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f7d144839d536667c88c524f7c8c4bfddca0d0d283e5917040c770c43cb960e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:46:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 254
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 66ms
28ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=cybernews.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:46:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 58ms
22ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cybernews.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:46:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0D68 248 KB
51 KB 499ms
498ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&adk=1812271804&adf=3025194257&lmt=1679581552&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x810_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fpowder-room-data-leak%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679611580752&bpp=4&bdt=175&idt=217&shv=r20230322&mjsv=m202303200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3806313459038&frm=20&pv=2&ga_vid=425464683.1679611580&ga_sid=1679611581&ga_hid=1199442171&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44777876%2C31073310%2C44786632&oid=2&pvsid=2069470042026804&tmod=272932682&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=256

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7122be55d1dde43621c38e2aa47cf35460fa6d949bda4df34b7de62dadb04573

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 51705
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 22:46:21 GMT
expires: Thu, 23 Mar 2023 22:46:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 016D 21 KB
9 KB 578ms
578ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=8387108948&adk=2217422274&adf=2933161405&pi=t.ma~as.8387108948&w=350&fwrn=4&fwrnh=100&lmt=1679581552&rafmt=1&format=350x280&url=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fpowder-room-data-leak%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679611580756&bpp=2&bdt=180&idt=255&shv=r20230322&mjsv=m202303200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3806313459038&frm=20&pv=1&ga_vid=425464683.1679611580&ga_sid=1679611581&ga_hid=1199442171&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1023&ady=1239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44777876%2C31073310%2C44786632&oid=2&pvsid=2069470042026804&tmod=272932682&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=yOitfeSumB&p=https%3A//cybernews.com&dtd=260

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cc01e4d00bfb22d1ca895d13a7331df8812d091557109b72be402a04feaac3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 8997
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 22:46:21 GMT
expires: Thu, 23 Mar 2023 22:46:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A27D 140 KB
31 KB 508ms
507ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1679581552&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fpowder-room-data-leak%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679611580758&bpp=1&bdt=182&idt=263&shv=r20230322&mjsv=m202303200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=3806313459038&frm=20&pv=1&ga_vid=425464683.1679611580&ga_sid=1679611581&ga_hid=1199442171&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=3812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44777876%2C31073310%2C44786632&oid=2&pvsid=2069470042026804&tmod=272932682&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=zyCetYlXgy&p=https%3A//cybernews.com&dtd=266

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fbfabbad5f4e7c7115bad654411beb57f9450ba1e827104abe5f92e6beebfe8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 31444
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 22:46:21 GMT
expires: Thu, 23 Mar 2023 22:46:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0D68 0
20 B 47ms
47ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=39&version=r20230322&sample=0.01

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&adk=1812271804&adf=3025194257&lmt=1679581552&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x810_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fpowder-room-data-leak%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679611580752&bpp=4&bdt=175&idt=217&shv=r20230322&mjsv=m202303200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3806313459038&frm=20&pv=2&ga_vid=425464683.1679611580&ga_sid=1679611581&ga_hid=1199442171&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44777876%2C31073310%2C44786632&oid=2&pvsid=2069470042026804&tmod=272932682&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=256

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:46:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303200101/ 150 KB
51 KB 71ms
71ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303200101/reactive_library_fy2021.js?bust=31073310

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9887b45adffeb792a1b1e96a69fa5831622ce3b34f4144c4bd83071e39b4320f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:46:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52130
x-xss-protection: 0
server: cafe
etag: 12130353322926358118
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 22:46:21 GMT

GET
H2 200 914be99cd47eba54dcad56263af893ff.js Show response
www.gstatic.com/mysidia/ Frame A27D 10 KB
5 KB 50ms
14ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/914be99cd47eba54dcad56263af893ff.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1679581552&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fpowder-room-data-leak%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679611580758&bpp=1&bdt=182&idt=263&shv=r20230322&mjsv=m202303200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=3806313459038&frm=20&pv=1&ga_vid=425464683.1679611580&ga_sid=1679611581&ga_hid=1199442171&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=3812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44777876%2C31073310%2C44786632&oid=2&pvsid=2069470042026804&tmod=272932682&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=zyCetYlXgy&p=https%3A//cybernews.com&dtd=266

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1665e53681ca0c9d196425fb71f94996ef4a495a489c7dda67bead9799615d98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 15:49:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 456990
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4426
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 21:56:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 16 Jun 2023 15:49:51 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame A27D 2 KB
846 B 53ms
17ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:18:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23259
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 16:18:42 GMT

GET
H2 200 6c0ae333b3175ed7d2c2f73d7591bf9e.js Show response
www.gstatic.com/mysidia/ Frame A27D 23 KB
10 KB 54ms
18ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6c0ae333b3175ed7d2c2f73d7591bf9e.js?tag=exit_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1ed7b88356f9f8d803c603f7ba533ebe29e1931bb5843002bef0cc14a0e0ff9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 14:55:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 460255
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9859
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 21:56:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 16 Jun 2023 14:55:26 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/ Frame A27D 22 KB
9 KB 49ms
13ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78a0b7266f642f96b673c4065063dba46a80f651ff12352eb82aa877c23b9186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:18:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23282
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9109
x-xss-protection: 0
server: cafe
etag: 16040247357158217350
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 16:18:19 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame A27D 3 KB
1 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:18:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23282
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 16:18:19 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame A27D 20 KB
9 KB 51ms
16ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83dd1a8208a83ec90a9a2d7774ab28e4b93b3eba53fb6a3fd444eb7e389ecbff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:18:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23279
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8627
x-xss-protection: 0
server: cafe
etag: 8620137988422272387
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 16:18:22 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame A27D 0
0 21ms
20ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTyjl8LOihG9_XvAe5vVQg89hXqntGSnZf42-Ij57N8_eq2NmY_UKoi3nLrciLNKzn1rFzbTaRtUtpn5-0hIrK0xJv25w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1679581552&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fpowder-room-data-leak%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679611580758&bpp=1&bdt=182&idt=263&shv=r20230322&mjsv=m202303200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=3806313459038&frm=20&pv=1&ga_vid=425464683.1679611580&ga_sid=1679611581&ga_hid=1199442171&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=3812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44777876%2C31073310%2C44786632&oid=2&pvsid=2069470042026804&tmod=272932682&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=zyCetYlXgy&p=https%3A//cybernews.com&dtd=266
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A27D 158 KB
49 KB 76ms
36ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe14bc8a4e294c047589838fd09a3efc81771751a0be03ea8ec99e734e965fd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:46:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49540
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1679312138029146"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Mar 2023 22:46:21 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A348 624 B
242 B 61ms
60ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjEq4PjATAB&v=APEucNWB_Snd0e0H-DxmxWH0sbXpbZLqrAV2lzSSqT_NC12ydjMNw8Ve-nxKwMSoLhF5xYVqGeNPLsL5gCzWsUnvrM1UYg4NP984lTAMOW5Rcs7jdO_QX4mpDlo-MJwrnvACKEdY1T3Lt0OoZUDCBKr6j1Mf2e4L4eAq4xE5eUMF-AvASX-Mtzk

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=8387108948&adk=2217422274&adf=2933161405&pi=t.ma~as.8387108948&w=350&fwrn=4&fwrnh=100&lmt=1679581552&rafmt=1&format=350x280&url=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fpowder-room-data-leak%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679611580756&bpp=2&bdt=180&idt=255&shv=r20230322&mjsv=m202303200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3806313459038&frm=20&pv=1&ga_vid=425464683.1679611580&ga_sid=1679611581&ga_hid=1199442171&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1023&ady=1239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44777876%2C31073310%2C44786632&oid=2&pvsid=2069470042026804&tmod=272932682&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=yOitfeSumB&p=https%3A//cybernews.com&dtd=260

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=8387108948&adk=2217422274&adf=2933161405&pi=t.ma~as.8387108948&w=350&fwrn=4&fwrnh=100&lmt=1679581552&rafmt=1&format=350x280&url=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fpowder-room-data-leak%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679611580756&bpp=2&bdt=180&idt=255&shv=r20230322&mjsv=m202303200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3806313459038&frm=20&pv=1&ga_vid=425464683.1679611580&ga_sid=1679611581&ga_hid=1199442171&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1023&ady=1239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44777876%2C31073310%2C44786632&oid=2&pvsid=2069470042026804&tmod=272932682&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=yOitfeSumB&p=https%3A//cybernews.com&dtd=260
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 22:46:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 3F32 78 KB
27 KB 83ms
83ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:46:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28043
x-xss-protection: 0
server: cafe
etag: 15270303690107644053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 22:46:21 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame 3F32 3 KB
1 KB 18ms
15ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:18:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23282
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 16:18:19 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame 3F32 20 KB
8 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83dd1a8208a83ec90a9a2d7774ab28e4b93b3eba53fb6a3fd444eb7e389ecbff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:18:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23279
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8627
x-xss-protection: 0
server: cafe
etag: 8620137988422272387
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 16:18:22 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 3F32 0
0 24ms
22ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRJjvd30dKV3F1Q3WGpAFs0Ebbv5urohiogh05S_XcxK8bpoN82XP6NzQzTSCacso3jqyEbi6z5cOvVMMS95M48DArHXg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=8387108948&adk=2217422274&adf=2933161405&pi=t.ma~as.8387108948&w=350&fwrn=4&fwrnh=100&lmt=1679581552&rafmt=1&format=350x280&url=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fpowder-room-data-leak%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679611580756&bpp=2&bdt=180&idt=255&shv=r20230322&mjsv=m202303200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3806313459038&frm=20&pv=1&ga_vid=425464683.1679611580&ga_sid=1679611581&ga_hid=1199442171&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1023&ady=1239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44777876%2C31073310%2C44786632&oid=2&pvsid=2069470042026804&tmod=272932682&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=yOitfeSumB&p=https%3A//cybernews.com&dtd=260
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3F32 158 KB
48 KB 105ms
63ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe14bc8a4e294c047589838fd09a3efc81771751a0be03ea8ec99e734e965fd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:46:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49540
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1679312138029146"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Mar 2023 22:46:21 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3F32 42 B
63 B 49ms
47ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CuRtoie-QAfZ4q-NRQlk8Mqq6Xes5hYR4jdS2opSXjee8X4_cz4kbmZvBdSni6Wp-b41oj8ericK4mNJj_NEp7W2r6MHWTkdIKfPW4PZBBiMvzkBU

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:46:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3F32 0
20 B 49ms
48ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=8475747179624681801&x=1&ct=76

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:46:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/9758204304275769601/ Frame A27D 18 KB
18 KB 36ms
15ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9758204304275769601/14763004658117789537

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fb0a0dda28c59da9a992285525328bb2b991ae67b80968df4eaa16ce91b22db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 18:05:14 GMT
x-content-type-options: nosniff
age: 103267
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18319
x-xss-protection: 0
last-modified: Wed, 25 Jan 2023 11:48:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 21 Mar 2024 18:05:14 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/5156388337340324827/ Frame A27D 69 KB
69 KB 69ms
48ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5156388337340324827/14763004658117789537

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

279dc1139faf362b310486d22c66cb29bbb8e07ec5e9f7463f05eb5b02be33bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 10:30:09 GMT
x-content-type-options: nosniff
age: 216972
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70329
x-xss-protection: 0
last-modified: Tue, 24 Jan 2023 23:17:02 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 20 Mar 2024 10:30:09 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/8066729350111486349/ Frame A27D 88 KB
88 KB 72ms
52ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8066729350111486349/14763004658117789537

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a13dcd88aca744aa217e6def748dbb8b39d69f7d5eda99882526d4cdde6bb4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 11:10:53 GMT
x-content-type-options: nosniff
age: 128128
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89713
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 07:28:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 21 Mar 2024 11:10:53 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/11664729937558705548/ Frame A27D 98 KB
99 KB 64ms
44ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11664729937558705548/14763004658117789537

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

205add00bd586955a7d7412c1f67d69c4fae7652924097505b00c7cf8ed05c67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 05:16:28 GMT
x-content-type-options: nosniff
age: 581393
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100740
x-xss-protection: 0
last-modified: Thu, 16 Mar 2023 12:04:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Mar 2024 05:16:28 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/7747710368662588038/ Frame A27D 59 KB
59 KB 47ms
27ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7747710368662588038/14763004658117789537

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce4963927579834fc0eacef89494467e53dd0e5f6175638c99c35228ae12fccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 09:37:02 GMT
x-content-type-options: nosniff
age: 565759
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60260
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 08:02:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Mar 2024 09:37:02 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/11482889767058419962/ Frame A27D 30 KB
30 KB 73ms
53ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11482889767058419962/14763004658117789537

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c376cfb9512e236ec4655d74a44c45e4b56680109d84ea8d7d584606b37e964

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 10:06:36 GMT
x-content-type-options: nosniff
age: 131985
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31079
x-xss-protection: 0
last-modified: Fri, 30 Sep 2022 15:38:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 21 Mar 2024 10:06:36 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/3631263347582388610/ Frame A27D 125 KB
125 KB 62ms
43ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3631263347582388610/14763004658117789537

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8b5b67df1d56cec196a707cf952a1661157d38c209af6058d5d6ce2765c3440

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 18:07:35 GMT
x-content-type-options: nosniff
age: 103126
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128104
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 16:53:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 21 Mar 2024 18:07:35 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/16531587593048821781/ Frame A27D 90 KB
90 KB 38ms
19ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16531587593048821781/14763004658117789537

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b6e509549da1ad5127d531e0cacd9725fae30c9fb7b4ca8b75a1cff8bdf3249

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 04:17:10 GMT
x-content-type-options: nosniff
age: 498551
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 92154
x-xss-protection: 0
last-modified: Fri, 02 Sep 2022 22:35:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 17 Mar 2024 04:17:10 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A27D 0
0 74ms
64ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CcfqOvdYcZIGYA4vq3gOiopKYBNfQsdRvgYHboKURv-EeEAEgttfpeygIYJW6sIK4B6ABref5-ijIAQapAhbsStpbRrI-qAMByAMCqgTrAU_Q63CrdJEPIvDNioMtFUBby4ZMsF3waHkfGXHE0mYe6oUp-n8QQsOjb-S4V1v6ALrQt8qGcqjPCCK8i-C6UkSBhskthi9SUh8o__nOUeY-067UZTY6AqP8MAGi-NNOta2yE5cCQFw3ey-Wdo24FyI4sWcfrYXV9Mu-lUbUbX2Z-uuWTkqvXFBRKJNvuQax_flqGwIPe0NpgJ2J0x0GA2ruT9z6nIWmvX1kBZyUccVxU2yoIJ9CzXOmS3BSr3lvjhNihQ0vcbyKXO48lOv2nKHmcD6WnZAkE2gkK-wYyym7FfMbVaYrHvbpojPABIndr_SuBJIFBAgEGAGSBQQIBRgEoAY3gAetn8raA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEI2wJNIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMM0BUBgBcBshccChoIABIUcHViLTU5MjgxNjEwNzQ3NzkzODAYAA&sigh=nPDIUIyjlcM&uach_m=[UACH]&cid=CAQSKQDUE5ym27VM8UKu7nhO5gOql5TI8Lj1-Jdu_rR-KtVPpC-Lsa-8bkHCGAE&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1679581552&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fpowder-room-data-leak%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679611580758&bpp=1&bdt=182&idt=263&shv=r20230322&mjsv=m202303200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=3806313459038&frm=20&pv=1&ga_vid=425464683.1679611580&ga_sid=1679611581&ga_hid=1199442171&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=3812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44777876%2C31073310%2C44786632&oid=2&pvsid=2069470042026804&tmod=272932682&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=zyCetYlXgy&p=https%3A//cybernews.com&dtd=266
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 23 Mar 2023 22:46:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A27D 0
0 73ms
64ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CMJeOvdYcZIGYA4vq3gOiopKYBK-nibVvgYPozbAR0cO9ipgOEAIgttfpeygIYJW6sIK4B6ABzbO_owPIAQaoAwHIAwKqBPkBT9CpBLd0kg8i8M2Kgy0VQFvLhkywXfBoeR8ZccTSZh7qhSn6fxBCw6Nv5LhXW_oAutC3yoZyqM8IIryL4LpSRIGGyS2GL1JSHyj_-c5R5j7TrtRlNjoCo_wwAaL40za2rZITFlvZXj979Pu78hEHx59-jKIbaz5mL1N-p1CPlhsoAWCVSlpfFqQrV5q6hkT--R8YAnp4Q5yBnXzSHfMAahtM3g-fh1O-fZEGnmFyx4RQbF0jnrfOckZNr050JEKAboAhsrHhhKHA8iWtLdwvwrBgyrxF45L5Qgwu1tZpgn3PZaedghHWNEJmhROD27VZk5HqPFt3da-cwAS8l77hpQSSBQQIBBgBkgUECAUYBKAGN4AHm8zAXKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEI2wJNIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BML0BUBmBYBgBcBshccChoIABIUcHViLTU5MjgxNjEwNzQ3NzkzODAYAA&sigh=tGkHGcnrP-o&uach_m=[UACH]&cid=CAQSKQDUE5ym27VM8UKu7nhO5gOql5TI8Lj1-Jdu_rR-KtVPpC-Lsa-8bkHCGAE&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1679581552&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fpowder-room-data-leak%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679611580758&bpp=1&bdt=182&idt=263&shv=r20230322&mjsv=m202303200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=3806313459038&frm=20&pv=1&ga_vid=425464683.1679611580&ga_sid=1679611581&ga_hid=1199442171&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=3812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44777876%2C31073310%2C44786632&oid=2&pvsid=2069470042026804&tmod=272932682&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=zyCetYlXgy&p=https%3A//cybernews.com&dtd=266
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 23 Mar 2023 22:46:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A27D 0
0 72ms
63ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CquZDvdYcZIGYA4vq3gOiopKYBO-5tplu08KPk98Qz6b0_QgQAyC21-l7KAhglbqwgrgHoAHrzfjVKMgBBqkCnASW_OmwYT6oAwHIAwKqBOkBT9C0BnhriDQbQ36G7TcOR0zXjV60AL1ke8iid_TRa1-mhSQZpCQf36Nr5_FCW7Yaodeg1o1grJJFLr7JvKxUUoad1CDQcE1KDCnoppFM5jyT59FwI3ZDqvg6RW0Z0c03rhPRFZ4TTg_Du7lt3BNR48la9adibjRgJVUXrjmGphoFAJeWSB6qUdEo15pPhbF9-Z_tAY97QZx2nonRHfP1aexP3A9qhKa9fZPzn5Rxx4Slb6kgn7cudG-85BKotYdLvt9nFyHIvkCj7yIYN0U-xpn9yEq8dS4xZDzGCx-1p0c_0RVNMZF_6WbABK_SkdufBJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAY3gAfrhcm1A6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEI2wJNIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMNiBQG0BUBmBYBgBcBshccChoIABIUcHViLTU5MjgxNjEwNzQ3NzkzODAYAA&sigh=rfe41vZXEAc&uach_m=[UACH]&cid=CAQSKQDUE5ym27VM8UKu7nhO5gOql5TI8Lj1-Jdu_rR-KtVPpC-Lsa-8bkHCGAE&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1679581552&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fpowder-room-data-leak%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679611580758&bpp=1&bdt=182&idt=263&shv=r20230322&mjsv=m202303200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=3806313459038&frm=20&pv=1&ga_vid=425464683.1679611580&ga_sid=1679611581&ga_hid=1199442171&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=3812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44777876%2C31073310%2C44786632&oid=2&pvsid=2069470042026804&tmod=272932682&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=zyCetYlXgy&p=https%3A//cybernews.com&dtd=266
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 23 Mar 2023 22:46:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A27D 0
0 74ms
65ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CYOrLvdYcZIGYA4vq3gOiopKYBNmOpsZv_dve3IYRv-EeEAQgttfpeygIYJW6sIK4B6ABt7iLyQPIAQapApwElvzpsGE-qAMByAMCqgToAU_QqHYXaogyG0N-hu03DkdM141etAC9ZHvIonf00WtfpoUkGaQkH9-ja-fxQlu2GqHXoNaNYKySRS6-ybysVFKGndQg0HBNSgwp6KaRTOY8k-fRcCN2Q6r4OkVtGdHNN64T0RWdE059ydK7bdwTUePJWvWnYm40YCVVF645hqYaBQCXlkgeqlHRKNeaT4Wxffmf7QGPe0Gcdp6J0R3z9WnsT9wPaoSmvX2T85-UcceEpW-pIJ-3LnRnv5jlZnDbQCyxwocI43dfxOLUMetvWahu_xa1l1cuPXDt2WwSQ6xlP98DiRv2ER7ABKaI2oiyBJIFBAgEGAGSBQQIBRgEoAY3gAexx_Q2qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQjbAk0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw2IFAHQFQGYFgGAFwGyFxwKGggAEhRwdWItNTkyODE2MTA3NDc3OTM4MBgA&sigh=5mp3Rg9pl2Y&uach_m=[UACH]&cid=CAQSKQDUE5ym27VM8UKu7nhO5gOql5TI8Lj1-Jdu_rR-KtVPpC-Lsa-8bkHCGAE&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1679581552&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fpowder-room-data-leak%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679611580758&bpp=1&bdt=182&idt=263&shv=r20230322&mjsv=m202303200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=3806313459038&frm=20&pv=1&ga_vid=425464683.1679611580&ga_sid=1679611581&ga_hid=1199442171&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=3812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44777876%2C31073310%2C44786632&oid=2&pvsid=2069470042026804&tmod=272932682&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=zyCetYlXgy&p=https%3A//cybernews.com&dtd=266
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 23 Mar 2023 22:46:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A27D 0
0 73ms
64ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CZ74cvdYcZIGYA4vq3gOiopKYBMHA0r5vy-ycmYsRoty_oNQBEAUgttfpeygIYJW6sIK4B6ABz534_QPIAQapAhbsStpbRrI-qAMByAMCqgTpAU_QvCuBdJYPIvDNioMtFUBby4ZMsF3waHkfGXHE0mYe6oUp-n8QQsOjb-S4V1v6ALrQt8qGcqjPCCK8i-C6UkSBhskthi9SUh8o__nOUeY-067UZTY6AqP8MAGi-NM2tq2SExZb2Uo_e4CYjh347HoGsWcwjIXVh8i-lSXbbX3A8vaWlEhaG6dSqNeaunOy_XmfGPeMe0Oeg2iK0R3zAJ_tTdwPn3KlvX2RBGmXcceEUJmrIZ-3zpKgrJQbqLWHiOyvGRchyL5fuolwKjcIDa2K_cgRv3UuMWQ882UUp6RHP9EVTVbVebpXwASf_N3JqwSSBQQIBBgBkgUECAUYBKAGN4AHmeKHAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEI2wJNIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BML0BUBmBYBgBcBshccChoIABIUcHViLTU5MjgxNjEwNzQ3NzkzODAYAA&sigh=BmWF6E_JmYs&uach_m=[UACH]&cid=CAQSKQDUE5ym27VM8UKu7nhO5gOql5TI8Lj1-Jdu_rR-KtVPpC-Lsa-8bkHCGAE&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1679581552&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fpowder-room-data-leak%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679611580758&bpp=1&bdt=182&idt=263&shv=r20230322&mjsv=m202303200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=3806313459038&frm=20&pv=1&ga_vid=425464683.1679611580&ga_sid=1679611581&ga_hid=1199442171&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=3812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44777876%2C31073310%2C44786632&oid=2&pvsid=2069470042026804&tmod=272932682&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=zyCetYlXgy&p=https%3A//cybernews.com&dtd=266
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 23 Mar 2023 22:46:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A27D 0
0 72ms
64ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C14g2vdYcZIGYA4vq3gOiopKYBJqP1rZvs6mqoLER4ses7vQIEAYgttfpeygIYJW6sIK4B6AB44Pz4gPIAQapAhbsStpbRrI-qAMByAMCqgTqAU_Qn22BdJQPIvDNioMtFUBby4ZMsF3waHkfGXHE0mYe6oUp-n8QQsOjb-S4V1v6ALrQt8qGcqjPCCK8i-C6UkSBhskthi9SUh8o__nOUeY-067UZTY6AqP8MAGi-NM2tq2SExZb2Uo_e5Spm-8JB8effoyiG2s-Zi9TfqdQj5YbKAFglUpaXxakK1eauoZE_vkfGAJ6eEOcgZ180h3zAGobTN4Pn4dTvn2RBp5hcseEUGxdI563znJGTcUdU2VCgOyPeMyx4ZWhyoJTpB3cMe3jHsqUGF0MMWgoP1lUzkdPHdEbW7ClcpnZVMAEjeDkvesDkgUECAQYAZIFBAgFGASgBjeAB4X8jB2oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCNsCTSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDNAVAZgWAYAXAbIXHAoaCAASFHB1Yi01OTI4MTYxMDc0Nzc5MzgwGAA&sigh=987vfWW9nL8&uach_m=[UACH]&cid=CAQSKQDUE5ym27VM8UKu7nhO5gOql5TI8Lj1-Jdu_rR-KtVPpC-Lsa-8bkHCGAE&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1679581552&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fpowder-room-data-leak%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679611580758&bpp=1&bdt=182&idt=263&shv=r20230322&mjsv=m202303200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=3806313459038&frm=20&pv=1&ga_vid=425464683.1679611580&ga_sid=1679611581&ga_hid=1199442171&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=3812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44777876%2C31073310%2C44786632&oid=2&pvsid=2069470042026804&tmod=272932682&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=zyCetYlXgy&p=https%3A//cybernews.com&dtd=266
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 23 Mar 2023 22:46:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A27D 0
0 69ms
61ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CIlGJvdYcZIGYA4vq3gOiopKYBI6Tlr9v2L_v1ewQzc_b_uogEAcgttfpeygIYJW6sIK4B6ABkpmr_ALIAQaoAwHIAwKqBOgBT9CdM7h0lw8i8M2Kgy0VQFvLhkywXfBoeR8ZccTSZh7qhSn6fxBCw6Nv5LhXW_oAutC3yoZyqM8IIryL4LpSRIGGyS2GL1JSHyj_-c5R5j7TrtRlNjoCo_wwAaL40061rdITC1PZ70_-2l-cN67ILCLIYkmJj9ONztecTNJdfO3zAZWWDK9c0lEo12-5hjH9-WobAo95Q2mAnYnRHQYDaO5P3Pqch6a9f2QFnJRxx3FTbaggn1fIv06589NmcI-I7M_ChwjjO22Is-QxnAQpoG7_freXVy49cI__QRlDrGU_3wPQZOdDLsAEptCD8rEDkgUECAQYAZIFBAgFGASgBjeAB9bm1IMBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQjbAk0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItNTkyODE2MTA3NDc3OTM4MBgA&sigh=OGq3CB1ADH0&uach_m=[UACH]&cid=CAQSKQDUE5ym27VM8UKu7nhO5gOql5TI8Lj1-Jdu_rR-KtVPpC-Lsa-8bkHCGAE&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1679581552&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fpowder-room-data-leak%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679611580758&bpp=1&bdt=182&idt=263&shv=r20230322&mjsv=m202303200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=3806313459038&frm=20&pv=1&ga_vid=425464683.1679611580&ga_sid=1679611581&ga_hid=1199442171&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=3812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44777876%2C31073310%2C44786632&oid=2&pvsid=2069470042026804&tmod=272932682&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=zyCetYlXgy&p=https%3A//cybernews.com&dtd=266
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 23 Mar 2023 22:46:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A27D 0
0 72ms
64ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CS276vdYcZIGYA4vq3gOiopKYBLmKp-xt-ZTCkZUR3aq81_ICEAggttfpeygIYJW6sIK4B6ABj7O14gHIAQapAhbsStpbRrI-qAMByAMCqgT7AU_Qqmm7dJgPIvDNioMtFUBby4ZMsF3waHkfGXHE0mYe6oUp-n8QQsOjb-S4V1v6ALrQt8qGcqjPCCK8i-C6UkSBhskthi9SUh8o__nOUeY-067UZTY6AqP8MAGi-NM2tq2SExZb2Uo_e6Wd264IB8effoyiG2s-Zi9TfqdQj5YbKAFglUpaXxakK1eauoZE_vkfGAJ6eEOcgZ180h3zAGobTN4Pn4dTvn2RBp5hcseEUGxdI563znJGTegoReWNReSK10MUcbyaXPZ9tunMnIWHa1yVtbLktdoND17cS45lNsn-nyyB_xZMfhXfsoQTx7qz6yTmwlGbMeBowASg4rXe6gOSBQQIBBgBkgUECAUYBKAGN4AH2czKnQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCNsCTSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi01OTI4MTYxMDc0Nzc5MzgwGAA&sigh=j7TgYMqMwAc&uach_m=[UACH]&cid=CAQSKQDUE5ym27VM8UKu7nhO5gOql5TI8Lj1-Jdu_rR-KtVPpC-Lsa-8bkHCGAE&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1679581552&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fpowder-room-data-leak%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679611580758&bpp=1&bdt=182&idt=263&shv=r20230322&mjsv=m202303200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=3806313459038&frm=20&pv=1&ga_vid=425464683.1679611580&ga_sid=1679611581&ga_hid=1199442171&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=3812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44777876%2C31073310%2C44786632&oid=2&pvsid=2069470042026804&tmod=272932682&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=zyCetYlXgy&p=https%3A//cybernews.com&dtd=266
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 23 Mar 2023 22:46:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 16FC 1 KB
643 B 19ms
12ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 45621
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 10:06:00 GMT
etag: 48472445140208031
expires: Fri, 24 Mar 2023 10:06:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A27D 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d103b6c91767b6796e622cf00b9a6e44a8c81bb70eb7a1aec48a6d0dd1c83faf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 25ms
23ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=cybernews.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:46:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 24ms
22ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cybernews.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:46:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/ Frame B9B7 10 KB
4 KB 17ms
16ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1033
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 22:29:08 GMT
etag: 2378337311435320485
expires: Thu, 06 Apr 2023 22:29:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/ Frame 6441 10 KB
4 KB 19ms
15ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1033
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 22:29:08 GMT
etag: 2378337311435320485
expires: Thu, 06 Apr 2023 22:29:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 16FC
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEIcbb6xlwtTgQ8ToEcbsE0U&google_cver=1&google_push=Aer7DvIbLUgse8GhAY44jOFGwKeLbED1h6rT0g7vRWzpUwiFcaeIbPN1RuRC7y7tG-37p61aNK7eZTfYQ0SHmpy0...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvIbLUgse8GhAY44jOFGwKeLbED1h6rT0g7vRWzpUwiFcaeIbPN1RuRC7y7tG-37p61aNK7eZTfYQ0SHmpy0ACEcoYsONM7EtHm2

170 B
188 B

48ms
47ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvIbLUgse8GhAY44jOFGwKeLbED1h6rT0g7vRWzpUwiFcaeIbPN1RuRC7y7tG-37p61aNK7eZTfYQ0SHmpy0ACEcoYsONM7EtHm2

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/powder-room-data-leak/

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:46:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 23 Mar 2023 22:46:22 GMT
Server: MT3 668 4401257 master cdg-pixel-x12 config_version:"unknown"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvIbLUgse8GhAY44jOFGwKeLbED1h6rT0g7vRWzpUwiFcaeIbPN1RuRC7y7tG-37p61aNK7eZTfYQ0SHmpy0ACEcoYsONM7EtHm2
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 23 Mar 2023 22:46:21 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 16FC
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEGPpZUj7egCvJNNTs2CsKb4&google_cver=1&google_push=Aer7DvKTz9xMtBEZEtN7jnhrmc9K8ctPVZugkdv2tIE9Pjj6ypzHu6gChO9ftMc9oN4Mnm5PJThAR53nb6lZoN3cuz62KD-Qrp9Gg...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGPpZUj7egCvJNNTs2CsKb4&google_cver=1&google_push=Aer7DvKTz9xMtBEZEtN7jnhrmc9K8ctPVZugkdv2tIE9Pjj6ypzHu6gChO9ftMc9oN4Mnm5PJThAR53nb6lZoN3cuz62KD-Qrp9...

43 B
420 B

208ms
170ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGPpZUj7egCvJNNTs2CsKb4&google_cver=1&google_push=Aer7DvKTz9xMtBEZEtN7jnhrmc9K8ctPVZugkdv2tIE9Pjj6ypzHu6gChO9ftMc9oN4Mnm5PJThAR53nb6lZoN3cuz62KD-Qrp9GggoR&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvKTz9xMtBEZEtN7jnhrmc9K8ctPVZugkdv2tIE9Pjj6ypzHu6gChO9ftMc9oN4Mnm5PJThAR53nb6lZoN3cuz62KD-Qrp9GggoR%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: cybernews.com
URL: https://cybernews.com/security/powder-room-data-leak/
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:46:22 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7aca35c50eb9b978-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:46:22 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 314
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGPpZUj7egCvJNNTs2CsKb4&google_cver=1&google_push=Aer7DvKTz9xMtBEZEtN7jnhrmc9K8ctPVZugkdv2tIE9Pjj6ypzHu6gChO9ftMc9oN4Mnm5PJThAR53nb6lZoN3cuz62KD-Qrp9GggoR&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvKTz9xMtBEZEtN7jnhrmc9K8ctPVZugkdv2tIE9Pjj6ypzHu6gChO9ftMc9oN4Mnm5PJThAR53nb6lZoN3cuz62KD-Qrp9GggoR%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7aca35c39d2cb978-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 16FC
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENjJITHJuLBewbApJhvnEqs&google_push=Aer7DvJWTKWEYBpQ9WMSUADO3lQFqMJG8G491qrBSI3FOmR55DxZe3csmV...

170 B
243 B

31ms
29ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENjJITHJuLBewbApJhvnEqs&google_push=Aer7DvJWTKWEYBpQ9WMSUADO3lQFqMJG8G491qrBSI3FOmR55DxZe3csmVb8YxQl4K1ZjIv2FJWs2la0G3irh3Qp4SLESNydiBwFC3Zy

Requested by

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:46:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230033-FRA
pragma: no-cache
date: Thu, 23 Mar 2023 22:46:21 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1679611582.734047,VS0,VE93
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENjJITHJuLBewbApJhvnEqs&google_push=Aer7DvJWTKWEYBpQ9WMSUADO3lQFqMJG8G491qrBSI3FOmR55DxZe3csmVb8YxQl4K1ZjIv2FJWs2la0G3irh3Qp4SLESNydiBwFC3Zy
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 16FC 70 B
265 B 121ms
35ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEJsmskCrfUiIhNSWtHOGEAU&google_cver=1&google_push=Aer7DvKcMBnzC3H94gHv3H3k-UYoq5kD9RZQAGQ8cpGMu_vvdYs-LqKWn82YyZPx8vfqlewHXPj01eOfj4gXKdXGjEwg8khS59nrLXDl
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1679581552&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fpowder-room-data-leak%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679611580758&bpp=1&bdt=182&idt=263&shv=r20230322&mjsv=m202303200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=3806313459038&frm=20&pv=1&ga_vid=425464683.1679611580&ga_sid=1679611581&ga_hid=1199442171&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=3812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44777876%2C31073310%2C44786632&oid=2&pvsid=2069470042026804&tmod=272932682&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=zyCetYlXgy&p=https%3A//cybernews.com&dtd=266
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 23 Mar 2023 22:46:21 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 16FC 0
174 B 74ms
17ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEMKjv-VLBYx2JBbjGOk7M3U&google_cver=1&google_push=Aer7DvIGpWNQqnkf9xwpsOwCjdbKTTXqAbz0Mt-XInfLSJKTqh0QHiKBmzRPbDg-baXUfonNMUY0YudckzTZG0LLYl2B_2Z4l7-ClUX6
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1679581552&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fpowder-room-data-leak%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679611580758&bpp=1&bdt=182&idt=263&shv=r20230322&mjsv=m202303200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=3806313459038&frm=20&pv=1&ga_vid=425464683.1679611580&ga_sid=1679611581&ga_hid=1199442171&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=3812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44777876%2C31073310%2C44786632&oid=2&pvsid=2069470042026804&tmod=272932682&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=zyCetYlXgy&p=https%3A//cybernews.com&dtd=266
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:46:21 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 16FC
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFQS2oEhgZAEes3FOTwKtSI&google_cver=1&google_push=Aer7DvItc-mVRxZqHC3TyGK-6kga6-vye4Xoe3CNolvve2B7eueGTI8rS9aOFHERrCisCA45MFaQIkWNmsZzlkp1W4f0...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEFQS2oEhgZAEes3FOTwKtSI&google_cver=1&google_push=Aer7DvItc-mVRxZqHC3TyGK-6kga6-vye4Xoe3CNolvve2B7eueGTI8rS9aOFHERrCisCA45MFaQIkWNmsZzlk...
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=36d209b1-8ff0-4daf-b29c-c48200a60af2&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx-32va1sSZMuS3u75VxCvFBlaVp4rKTCQeK3jNlIuM4K0BNC09ogmBhrS6kAh0txz6oO4BIGwAo2_BZgvi0_tzrJwDt3VelqzNg&google_hm=-bjP6KSEQ7CPmI7WwfT...

170 B
188 B

26ms
25ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx-32va1sSZMuS3u75VxCvFBlaVp4rKTCQeK3jNlIuM4K0BNC09ogmBhrS6kAh0txz6oO4BIGwAo2_BZgvi0_tzrJwDt3VelqzNg&google_hm=-bjP6KSEQ7CPmI7WwfTo9Q==

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/powder-room-data-leak/

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:46:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx-32va1sSZMuS3u75VxCvFBlaVp4rKTCQeK3jNlIuM4K0BNC09ogmBhrS6kAh0txz6oO4BIGwAo2_BZgvi0_tzrJwDt3VelqzNg&google_hm=-bjP6KSEQ7CPmI7WwfTo9Q==
date: Thu, 23 Mar 2023 22:46:22 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 16FC
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEM2NJeSfRC4R20tOg1UJi8&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEEM2NJeSfRC4R20tOg1UJi8&google_push=Ae...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEM2NJeSfRC4R20tOg1UJi8&google_hm=ZBzWvf-FpoySnzsRKJcNVwAACFkAAAAB&google_nid=index&google_push=Aer7DvL-ijUwc6cjedjcTbFiJpx6PUmzr2RRk...

170 B
232 B

24ms
24ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEM2NJeSfRC4R20tOg1UJi8&google_hm=ZBzWvf-FpoySnzsRKJcNVwAACFkAAAAB&google_nid=index&google_push=Aer7DvL-ijUwc6cjedjcTbFiJpx6PUmzr2RRk9irJuKuaZnsZqULadALR1mwoFfS_QCMnfcnZTEDIoDDMorS6QD39dshsDFfdFbYHrU

Requested by

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:46:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 23 Mar 2023 22:46:21 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEM2NJeSfRC4R20tOg1UJi8&google_hm=ZBzWvf-FpoySnzsRKJcNVwAACFkAAAAB&google_nid=index&google_push=Aer7DvL-ijUwc6cjedjcTbFiJpx6PUmzr2RRk9irJuKuaZnsZqULadALR1mwoFfS_QCMnfcnZTEDIoDDMorS6QD39dshsDFfdFbYHrU
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 16FC 0
139 B 92ms
22ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I-ZytrnDHQHY0mBHBO-hXuUhn34-6MJk_MnHlv09OusK4dQ1sne_cJLSF6w5pvLydyvpLW

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:46:21 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A348
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAj4UMspqCgw1IDTZWIABwc&google_cver=1

43 B
632 B

11ms
9ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAj4UMspqCgw1IDTZWIABwc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjEq4PjATAB&v=APEucNWB_Snd0e0H-DxmxWH0sbXpbZLqrAV2lzSSqT_NC12ydjMNw8Ve-nxKwMSoLhF5xYVqGeNPLsL5gCzWsUnvrM1UYg4NP984lTAMOW5Rcs7jdO_QX4mpDlo-MJwrnvACKEdY1T3Lt0OoZUDCBKr6j1Mf2e4L4eAq4xE5eUMF-AvASX-Mtzk
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 23 Mar 2023 22:46:21 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:46:21 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAj4UMspqCgw1IDTZWIABwc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A348
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZBzWvf.FpoySnzsRKJcNVwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAj4UMspqCgw1IDTZWIABwc&google_cver=1&google_hm=2

43 B
632 B

8ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAj4UMspqCgw1IDTZWIABwc&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjEq4PjATAB&v=APEucNWB_Snd0e0H-DxmxWH0sbXpbZLqrAV2lzSSqT_NC12ydjMNw8Ve-nxKwMSoLhF5xYVqGeNPLsL5gCzWsUnvrM1UYg4NP984lTAMOW5Rcs7jdO_QX4mpDlo-MJwrnvACKEdY1T3Lt0OoZUDCBKr6j1Mf2e4L4eAq4xE5eUMF-AvASX-Mtzk
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 23 Mar 2023 22:46:21 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:46:21 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAj4UMspqCgw1IDTZWIABwc&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame A348
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEIBRWQnQpxUjU0wVHu8M3CU&google_cver=1

43 B
1 KB

42ms
13ms

Image
image/gif

185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEIBRWQnQpxUjU0wVHu8M3CU&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjEq4PjATAB&v=APEucNWB_Snd0e0H-DxmxWH0sbXpbZLqrAV2lzSSqT_NC12ydjMNw8Ve-nxKwMSoLhF5xYVqGeNPLsL5gCzWsUnvrM1UYg4NP984lTAMOW5Rcs7jdO_QX4mpDlo-MJwrnvACKEdY1T3Lt0OoZUDCBKr6j1Mf2e4L4eAq4xE5eUMF-AvASX-Mtzk

Protocol

HTTP/1.1

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 23 Mar 2023 22:46:21 GMT
AN-X-Request-Uuid: 65ea63a9-b261-4d0f-98f7-5a2e81a1d559
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 178.162.209.134; 178.162.209.134; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:46:21 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEIBRWQnQpxUjU0wVHu8M3CU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A348
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzAzNTE5MTM2NzczMDg1MzQ0OQ%3D%3D

170 B
232 B

27ms
27ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzAzNTE5MTM2NzczMDg1MzQ0OQ%3D%3D

Requested by

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:46:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 23 Mar 2023 22:46:21 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 178.162.209.134; 178.162.209.134; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 7ec10b9a-38be-4594-8db6-1704e446eb2e
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzAzNTE5MTM2NzczMDg1MzQ0OQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 914be99cd47eba54dcad56263af893ff.js Show response
www.gstatic.com/mysidia/ Frame B9B7 10 KB
4 KB 36ms
20ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/914be99cd47eba54dcad56263af893ff.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1665e53681ca0c9d196425fb71f94996ef4a495a489c7dda67bead9799615d98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 15:49:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 456990
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4426
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 21:56:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 16 Jun 2023 15:49:51 GMT

GET
H2 200 4471e8cf2b0d0f14a71f816ec3ea39a0.js Show response
www.gstatic.com/mysidia/ Frame B9B7 11 KB
5 KB 37ms
22ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4471e8cf2b0d0f14a71f816ec3ea39a0.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad89e0a7ba5bc269ae857d3d45bbf5ce07e8092879ed4c27d72e3e8809878217

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 01:11:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 509691
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4799
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 21:56:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 16 Jun 2023 01:11:30 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B9B7 8 KB
1 KB 122ms
22ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 Mar 2023 22:46:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 Mar 2023 21:57:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Mar 2023 22:46:21 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame B9B7 2 KB
765 B 39ms
35ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:18:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23259
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 16:18:42 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/ Frame B9B7 22 KB
9 KB 39ms
35ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78a0b7266f642f96b673c4065063dba46a80f651ff12352eb82aa877c23b9186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:18:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23282
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9109
x-xss-protection: 0
server: cafe
etag: 16040247357158217350
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 16:18:19 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame B9B7 3 KB
1 KB 43ms
38ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:18:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23282
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 16:18:19 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame B9B7 20 KB
8 KB 44ms
40ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83dd1a8208a83ec90a9a2d7774ab28e4b93b3eba53fb6a3fd444eb7e389ecbff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:18:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23279
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8627
x-xss-protection: 0
server: cafe
etag: 8620137988422272387
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 16:18:22 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B9B7 0
0 27ms
22ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQjoj7bFS7dCpj4AJVbhhyFntFBCja3GhrJQg4vNIshfMdoOyaCrcw3227zJY4MNnkcGbDGXNkrR98FnKdJ43EClRaxOA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B9B7 158 KB
48 KB 52ms
38ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe14bc8a4e294c047589838fd09a3efc81771751a0be03ea8ec99e734e965fd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:46:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49540
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1679312138029146"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Mar 2023 22:46:21 GMT

GET
H2 200 23cf7cdae9f50ee7270380e7f4964b21.js Show response
www.gstatic.com/mysidia/ Frame B9B7 34 KB
14 KB 38ms
24ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/23cf7cdae9f50ee7270380e7f4964b21.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dfb251ab625fc65ba9da3b27cc16fc25459480c929e6e8ff1efb2fa87fd72659

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 02:42:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 417816
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14432
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 21:56:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 17 Jun 2023 02:42:45 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6441 6 KB
745 B 78ms
23ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 Mar 2023 22:46:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 Mar 2023 22:05:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Mar 2023 22:46:21 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame 6441 2 KB
765 B 20ms
13ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:18:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23259
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 16:18:42 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/ Frame 6441 22 KB
9 KB 21ms
14ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78a0b7266f642f96b673c4065063dba46a80f651ff12352eb82aa877c23b9186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:18:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23282
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9109
x-xss-protection: 0
server: cafe
etag: 16040247357158217350
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 16:18:19 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame 6441 3 KB
1 KB 21ms
16ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:18:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23282
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 16:18:19 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame 6441 20 KB
8 KB 22ms
16ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83dd1a8208a83ec90a9a2d7774ab28e4b93b3eba53fb6a3fd444eb7e389ecbff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:18:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23279
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8627
x-xss-protection: 0
server: cafe
etag: 8620137988422272387
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 16:18:22 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6441 0
0 31ms
25ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSm2nyZkvTX--mDodMDGzROc-Ge6JF9Et2uFv4gkzY8qgZJHV9tW7mo_iKHP3PVOfERYYrP2pl8QUr4-3I8b4jOtFcuOw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6441 158 KB
48 KB 31ms
23ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe14bc8a4e294c047589838fd09a3efc81771751a0be03ea8ec99e734e965fd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:46:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49540
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1679312138029146"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Mar 2023 22:46:21 GMT

GET
H3 200 23cf7cdae9f50ee7270380e7f4964b21.js Show response
www.gstatic.com/mysidia/ Frame 6441 34 KB
14 KB 22ms
15ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/23cf7cdae9f50ee7270380e7f4964b21.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dfb251ab625fc65ba9da3b27cc16fc25459480c929e6e8ff1efb2fa87fd72659

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 02:42:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 417816
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14432
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 21:56:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 17 Jun 2023 02:42:45 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3F32 0
20 B 47ms
47ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4469103134743&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:46:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3F32 0
20 B 47ms
46ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4469103134743&version=m202301230201&ct=76&x=1&cor=8475747179624681000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:46:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 3F32 88 KB
36 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DjxobjK6LVJOZVPo1ixmbnAruTI6_E0F-SBzfvIwExBH_g9FvUxRYydnXGEhlj_ntS7n82r2OXpIchGcA39BNZMA9LnakwdeXsRbqLICVNfJk7Zig&cry=1&dbm_d=AKAmf-AeQE6ib-SjqCkflZoMRop1wOUHEwNTe7HWTnozkhClmbMJIiXkraLK5vUMy4N_tbIpNDY7P-Hu0Ku_tRKhsuEvdplKd-RxJ7TNokMqxF21i7lnQ9WVMNjYlQfOpYUGnILeiTEsbN9clYVe-XuDiBnqZNCcyHufHZzA14FCqHRUbAUbvwDffbXaL0gSJAAY47lsPgrckHxfa1IPpYLrF8hbzyCbP6ZpBJ4gJUddnOwTWqiPwhL9_XpMYXAjb3bYaYJuRY9f0L1aAzFNNStOz0b-JMYwNtKYKGJYSyagCAkMxKGwF_dSRRiwM06Fq7_zxXdvn3coZQDFO_Zd3aAbTEGsAVSjs9OA5oWAldFFMx2uYZanFTYDuDhPgRWj9R8_HyS9WySgaqA_BoaljvpDzrKECPb_Xoeqw1zyrd_36q5XPYWVZHnHtEWDmrMJehDNvMI9nL6AeQT8PIyC1WYcFP1tWZx3VZ0GHmp6xknx9efo-vN70XluDKWt5SKKvXIwJgaLE-5e9Of9JNaRX2aecK9kQBJCEegKtDaqjpwk60MYXndwQpOOgmCBfyuoGpPwQsMNYJuZa1oo2XyU0UlwAIpaPN4KJj9iWJtCvi5bYIN8R3mnr7TCVZAG9F0iphjPsPKpXbqd2eOtSXFujhf7AG-z20vXJHXHAt5I0e_RNzcEnydITR-HLwhYV-zI4Q15b2Bb0u-pF52xn-REZ5NpY_tHgiAxMc4XagQGb_FFDfTEACJUTJceBfiVRnaqJP28j6o8XXQpda6-FCQ_SnMqMlyrW6Tz64wqqQccLUzCFuLP149tv1K-qgzr33U0ja_RwcAwawfPbFu79wl9fIDz-JY6WDIBoeELWU3Qo0RMCBx0bmxALVRsCRUsiHWpnLlh5yWjZqfHLkOAcWHzVG61JmDowadOQhGOeJxMVJP9F23QawD_IPKQ0pjW0JpczudKdHsg70dDpUS4caHXY-j2Ba8oWFEcE2LwUnr1OaNBk0_o_5KMK_pZFNKGEvDhj2DzLKGbCpFowoFOyDt3cYDDHXwcApqAm-AFuxPLdeVG7Rp7YgIfDgLtQcfNzc_t9Wma1A2W2oQU_A3KkKxJZ24fEa1yYBkReAeROmKy--SJsWn9yM7sUk35k3JHViV-0-b-OnHbHcMAuRUa6IjzANV6kNLAL_Ctt-UiLRLy-2lyCfmGF4vjyx_m2wyKGLX_itbVSoZOjgbMWQ71OcFZvbdGri7U8sly4JIxOwQfck91LHrljTDtmVgdERP9y1-faFfGELtwZVlFNaYg2zRwN6bbscPvblCTWD3zsnZBsKIO3YLIi9Fhxv2HOVHn_wJKBI9zoKB-OOl5xrlU76n5xwxwE8rUudXq9_nkR0SQU2Oh0jQy7cE76C3l0kNufYhD5CnQ8LuFraPdfDQsJvgtutrZoS15ms_iolfap6mKRuSoKlhdavLw90NIzjL1SKm1KhM0bgJYrzxFJzUF0Qedd22Ylx9shadxPIviuJoa0syBKhnYTG5SEOjaaRJwKAa14VMRlUqsMzq1wAYrT-ashApjXmR4fN0isR8z4fmwiX9gBJi4OT2VH2zAgORAKn3kGpr5-pV88mIBdUbEOY5iPzrxZJFHxU6IeKBGsOHPs_zo2rktzFKLauZ4sDG9T347gk-Ni-po-qOdf3CROM4Q1AyTPAZspMedYJh4lXfr3mPPQzU0iaJPTAN8BpP3ldRvToZtO2rjdkK9A6_Vd1SuKAC-cU3hyKT0KjtwB9SAgiCDEH9Q_xyO7qyLNJebGEHXrJ9H0n8EVfm_ylY6IKEbhI3I7gNu2rGuaejhsb34j8k4pYTPqER01uNzRF_G9c8-dKyyHvJa16WVU5pnfYOepY-FbqyeFeTVVhlDjJoIGQB4jPJE9Hdk38zS7NYP6Ks5QKx4MvvtXoaCm_x0r_mfFULG43x2vVzUpRwDel3bY4vSQzEg9SSwc9ZziKOzE4g1ZBq0ytJe7YwgXOCu0VBPcjB-AHtTqQsj4bqqn-CvSoghHjTwhkCx0a7vhm02oeDrEivj6eRF904IuxSh5OON9Fm6xpGs4sIWxCPZOQo6bKXIyZP24t48wmUeq2pXHZBuJfx0J6m0D5TRPK9LTFJF6GqSYeYFFhbNcx1G1Yqu3_Kl92wzue4dNJG-Uzr5aTjgPeTPqkF7LVNwgWvLYcZxpjDu_Efo77eV47ZTiUQbFI7oAx84YAQfKc4Of8VlgOcCqicKDLQaR7kZmT69Qsef0J6cdnRUrdXdpI-ZjulDfDXfhs_XQUqNIyZrTsbtuBqgUBQzLT6XbQ2e_z6QRCxIXiymMeGf8XtM-Bs03p4jMkUUJCsQb6wTBgZOXMmyeBZZhSHbJ4p7kdEyLsZ7OKyfIMXJQDviL8jXYEVpv390eLlML_A9OK_CMyIvGXOW8TDTQDCW9AyTPbhcLZeviR0hRPuAyQb4sv3hkxdw2ngFzk-h6ivgrKhxl-md7X6UdOP3iHBTFWejO10NsCPu5xntHV4u-wf3VLXMzANG226loCMXx__3VBmXqBhF04jB7p8ZAoAo5z3vIOLk5b8SObsyUOy6110BfcvMMR9o0kHhiFfrVnBaaYZlZVxYnmgBK4AkhetFik2Cjgy3f0mgjYoWD0_bCHm-zT1NSUCvL2VmKbFgh4DHd2lDEVblqYJIjz3fCu46pSZrvF_QtnX0RLRe5wB2XFG1Tq986eyq3PVj5pShbrEwkHeOPUg-mBybXY3O7FbaaBzfvMe9xGtmglF_M9kIJRoMVhyFtgXitk5EZWjqc_oBgeBornCYrxcRLVoP6kZPtSZ65v4fIOrZ3Qk8RUm-0GszWFWmBX6lHNiA1dqXaUVADUgYV__LPmW0DJg3Y-RIudRM0xL2GM55LVzt69sWsXyKizPt6LaspGSk59p5WoAUYnwIa5ZiAH_R20AgG_XDPc4fxKP41mVqpK59THAxnQTxZAfzplCGstMrJieCUpwNpfkqgfk9ZvOvEAFiYk9owraEEKQp8eDcHTPM5fF2ht_mGBb8g8fmeC8sz2h_E2RYmvucF_0Xk7ye7g2qTrhuPvuv0ONY5HAek95na2frqIiTfhUbiyqy91H0dUxgKfmIYizLECNDnbsSfR13AHScRRG5n6CmInj5cEK660JEUAp61QZJLbvAa5NfGXF1Dclu8EBaO046NF5KOEeAAXHd-9Mf7d1TIj5tI4bnacJNCX8PnPpKY1StEuhV7TtgpNxJ5lAJcxVHS1b4RKQ-5kvbXEltLYVRcInfDinkqj3KbWrKW1708_sYklwSwrTlxAl78lsF9GoVZ6F2Ll8LUKyVltHDt9SOHTzTGaMOpKWD7MI9WiBZFle8isiy-p41e7xPKQkWUpMBrDfMXU2EHL-eppPoIdaZTdWS82hwX6nlWpLkSgxkzXiwjssn_TSM4mmxgc0-gCzEcJhZc1r_R7kktjbRnlozDaBGsJvKFwQCwCEeHG6_2Q&cid=CAQSKQDUE5ymQrohonEqtqgusOMxLX9iuc9Yyks2ohZxYynZTgQcVwuJC5ibGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fcybernews.com&ds=l&xdt=1&iif=1&cor=8475747179624681000&adk=497053795&idt=88&cac=0&dtd=5

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

070fb207d1ac5dea5578095084e68e39fe24dcaf6e3a5c9cec322f7e455b923c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=8387108948&adk=2217422274&adf=2933161405&pi=t.ma~as.8387108948&w=350&fwrn=4&fwrnh=100&lmt=1679581552&rafmt=1&format=350x280&url=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fpowder-room-data-leak%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679611580756&bpp=2&bdt=180&idt=255&shv=r20230322&mjsv=m202303200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3806313459038&frm=20&pv=1&ga_vid=425464683.1679611580&ga_sid=1679611581&ga_hid=1199442171&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1023&ady=1239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44777876%2C31073310%2C44786632&oid=2&pvsid=2069470042026804&tmod=272932682&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=yOitfeSumB&p=https%3A//cybernews.com&dtd=260
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:46:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36726
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B482 143 B
166 B 18ms
16ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1269
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 22:25:12 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 525A 1 KB
643 B 13ms
12ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 45621
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 10:06:00 GMT
etag: 48472445140208031
expires: Fri, 24 Mar 2023 10:06:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 3F32 170 KB
59 KB 107ms
22ms Script
text/javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/powder-room-data-leak/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 18:05:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16871
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 24 Mar 2023 18:05:11 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230322/r20110914/elements/html/ Frame 3F32 11 KB
4 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230322/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DjxobjK6LVJOZVPo1ixmbnAruTI6_E0F-SBzfvIwExBH_g9FvUxRYydnXGEhlj_ntS7n82r2OXpIchGcA39BNZMA9LnakwdeXsRbqLICVNfJk7Zig&cry=1&dbm_d=AKAmf-AeQE6ib-SjqCkflZoMRop1wOUHEwNTe7HWTnozkhClmbMJIiXkraLK5vUMy4N_tbIpNDY7P-Hu0Ku_tRKhsuEvdplKd-RxJ7TNokMqxF21i7lnQ9WVMNjYlQfOpYUGnILeiTEsbN9clYVe-XuDiBnqZNCcyHufHZzA14FCqHRUbAUbvwDffbXaL0gSJAAY47lsPgrckHxfa1IPpYLrF8hbzyCbP6ZpBJ4gJUddnOwTWqiPwhL9_XpMYXAjb3bYaYJuRY9f0L1aAzFNNStOz0b-JMYwNtKYKGJYSyagCAkMxKGwF_dSRRiwM06Fq7_zxXdvn3coZQDFO_Zd3aAbTEGsAVSjs9OA5oWAldFFMx2uYZanFTYDuDhPgRWj9R8_HyS9WySgaqA_BoaljvpDzrKECPb_Xoeqw1zyrd_36q5XPYWVZHnHtEWDmrMJehDNvMI9nL6AeQT8PIyC1WYcFP1tWZx3VZ0GHmp6xknx9efo-vN70XluDKWt5SKKvXIwJgaLE-5e9Of9JNaRX2aecK9kQBJCEegKtDaqjpwk60MYXndwQpOOgmCBfyuoGpPwQsMNYJuZa1oo2XyU0UlwAIpaPN4KJj9iWJtCvi5bYIN8R3mnr7TCVZAG9F0iphjPsPKpXbqd2eOtSXFujhf7AG-z20vXJHXHAt5I0e_RNzcEnydITR-HLwhYV-zI4Q15b2Bb0u-pF52xn-REZ5NpY_tHgiAxMc4XagQGb_FFDfTEACJUTJceBfiVRnaqJP28j6o8XXQpda6-FCQ_SnMqMlyrW6Tz64wqqQccLUzCFuLP149tv1K-qgzr33U0ja_RwcAwawfPbFu79wl9fIDz-JY6WDIBoeELWU3Qo0RMCBx0bmxALVRsCRUsiHWpnLlh5yWjZqfHLkOAcWHzVG61JmDowadOQhGOeJxMVJP9F23QawD_IPKQ0pjW0JpczudKdHsg70dDpUS4caHXY-j2Ba8oWFEcE2LwUnr1OaNBk0_o_5KMK_pZFNKGEvDhj2DzLKGbCpFowoFOyDt3cYDDHXwcApqAm-AFuxPLdeVG7Rp7YgIfDgLtQcfNzc_t9Wma1A2W2oQU_A3KkKxJZ24fEa1yYBkReAeROmKy--SJsWn9yM7sUk35k3JHViV-0-b-OnHbHcMAuRUa6IjzANV6kNLAL_Ctt-UiLRLy-2lyCfmGF4vjyx_m2wyKGLX_itbVSoZOjgbMWQ71OcFZvbdGri7U8sly4JIxOwQfck91LHrljTDtmVgdERP9y1-faFfGELtwZVlFNaYg2zRwN6bbscPvblCTWD3zsnZBsKIO3YLIi9Fhxv2HOVHn_wJKBI9zoKB-OOl5xrlU76n5xwxwE8rUudXq9_nkR0SQU2Oh0jQy7cE76C3l0kNufYhD5CnQ8LuFraPdfDQsJvgtutrZoS15ms_iolfap6mKRuSoKlhdavLw90NIzjL1SKm1KhM0bgJYrzxFJzUF0Qedd22Ylx9shadxPIviuJoa0syBKhnYTG5SEOjaaRJwKAa14VMRlUqsMzq1wAYrT-ashApjXmR4fN0isR8z4fmwiX9gBJi4OT2VH2zAgORAKn3kGpr5-pV88mIBdUbEOY5iPzrxZJFHxU6IeKBGsOHPs_zo2rktzFKLauZ4sDG9T347gk-Ni-po-qOdf3CROM4Q1AyTPAZspMedYJh4lXfr3mPPQzU0iaJPTAN8BpP3ldRvToZtO2rjdkK9A6_Vd1SuKAC-cU3hyKT0KjtwB9SAgiCDEH9Q_xyO7qyLNJebGEHXrJ9H0n8EVfm_ylY6IKEbhI3I7gNu2rGuaejhsb34j8k4pYTPqER01uNzRF_G9c8-dKyyHvJa16WVU5pnfYOepY-FbqyeFeTVVhlDjJoIGQB4jPJE9Hdk38zS7NYP6Ks5QKx4MvvtXoaCm_x0r_mfFULG43x2vVzUpRwDel3bY4vSQzEg9SSwc9ZziKOzE4g1ZBq0ytJe7YwgXOCu0VBPcjB-AHtTqQsj4bqqn-CvSoghHjTwhkCx0a7vhm02oeDrEivj6eRF904IuxSh5OON9Fm6xpGs4sIWxCPZOQo6bKXIyZP24t48wmUeq2pXHZBuJfx0J6m0D5TRPK9LTFJF6GqSYeYFFhbNcx1G1Yqu3_Kl92wzue4dNJG-Uzr5aTjgPeTPqkF7LVNwgWvLYcZxpjDu_Efo77eV47ZTiUQbFI7oAx84YAQfKc4Of8VlgOcCqicKDLQaR7kZmT69Qsef0J6cdnRUrdXdpI-ZjulDfDXfhs_XQUqNIyZrTsbtuBqgUBQzLT6XbQ2e_z6QRCxIXiymMeGf8XtM-Bs03p4jMkUUJCsQb6wTBgZOXMmyeBZZhSHbJ4p7kdEyLsZ7OKyfIMXJQDviL8jXYEVpv390eLlML_A9OK_CMyIvGXOW8TDTQDCW9AyTPbhcLZeviR0hRPuAyQb4sv3hkxdw2ngFzk-h6ivgrKhxl-md7X6UdOP3iHBTFWejO10NsCPu5xntHV4u-wf3VLXMzANG226loCMXx__3VBmXqBhF04jB7p8ZAoAo5z3vIOLk5b8SObsyUOy6110BfcvMMR9o0kHhiFfrVnBaaYZlZVxYnmgBK4AkhetFik2Cjgy3f0mgjYoWD0_bCHm-zT1NSUCvL2VmKbFgh4DHd2lDEVblqYJIjz3fCu46pSZrvF_QtnX0RLRe5wB2XFG1Tq986eyq3PVj5pShbrEwkHeOPUg-mBybXY3O7FbaaBzfvMe9xGtmglF_M9kIJRoMVhyFtgXitk5EZWjqc_oBgeBornCYrxcRLVoP6kZPtSZ65v4fIOrZ3Qk8RUm-0GszWFWmBX6lHNiA1dqXaUVADUgYV__LPmW0DJg3Y-RIudRM0xL2GM55LVzt69sWsXyKizPt6LaspGSk59p5WoAUYnwIa5ZiAH_R20AgG_XDPc4fxKP41mVqpK59THAxnQTxZAfzplCGstMrJieCUpwNpfkqgfk9ZvOvEAFiYk9owraEEKQp8eDcHTPM5fF2ht_mGBb8g8fmeC8sz2h_E2RYmvucF_0Xk7ye7g2qTrhuPvuv0ONY5HAek95na2frqIiTfhUbiyqy91H0dUxgKfmIYizLECNDnbsSfR13AHScRRG5n6CmInj5cEK660JEUAp61QZJLbvAa5NfGXF1Dclu8EBaO046NF5KOEeAAXHd-9Mf7d1TIj5tI4bnacJNCX8PnPpKY1StEuhV7TtgpNxJ5lAJcxVHS1b4RKQ-5kvbXEltLYVRcInfDinkqj3KbWrKW1708_sYklwSwrTlxAl78lsF9GoVZ6F2Ll8LUKyVltHDt9SOHTzTGaMOpKWD7MI9WiBZFle8isiy-p41e7xPKQkWUpMBrDfMXU2EHL-eppPoIdaZTdWS82hwX6nlWpLkSgxkzXiwjssn_TSM4mmxgc0-gCzEcJhZc1r_R7kktjbRnlozDaBGsJvKFwQCwCEeHG6_2Q&cid=CAQSKQDUE5ymQrohonEqtqgusOMxLX9iuc9Yyks2ohZxYynZTgQcVwuJC5ibGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fcybernews.com&ds=l&xdt=1&iif=1&cor=8475747179624681000&adk=497053795&idt=88&cac=0&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3501a3f0a7b6bc47f9f81c7be85b3603816fe2d3026ab4b396127ed9eb8895c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:17:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23310
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4115
x-xss-protection: 0
server: cafe
etag: 1914039858798321668
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 16:17:51 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230322/r20110914/ Frame 3F32 28 KB
11 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230322/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11f1414c6342d8a5a5124286921298b09b1e776f0aae7bbc4c83b96685166019

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:17:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23310
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10980
x-xss-protection: 0
server: cafe
etag: 17255800071175307161
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 16:17:51 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0021 1 KB
643 B 20ms
19ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 45621
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 10:06:00 GMT
etag: 48472445140208031
expires: Fri, 24 Mar 2023 10:06:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 525A
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEHEeZ5LMRB7WjgzZe0SjKec&google_cver=1&google_push=Aa02lx-dPK-PiAEsYz95P5A-824qA8-ih_iFpQ7YAxM9OPBEz0Iu0ZPK6rRwZk4wpzpodp25Ca9YtBMmI5rNIZxS...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx-dPK-PiAEsYz95P5A-824qA8-ih_iFpQ7YAxM9OPBEz0Iu0ZPK6rRwZk4wpzpodp25Ca9YtBMmI5rNIZxSFYtl5zBu1fNbev0

170 B
188 B

47ms
27ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx-dPK-PiAEsYz95P5A-824qA8-ih_iFpQ7YAxM9OPBEz0Iu0ZPK6rRwZk4wpzpodp25Ca9YtBMmI5rNIZxSFYtl5zBu1fNbev0

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/powder-room-data-leak/

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:46:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 23 Mar 2023 22:46:22 GMT
Server: MT3 668 4401257 master cdg-pixel-x33 config_version:"unknown"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx-dPK-PiAEsYz95P5A-824qA8-ih_iFpQ7YAxM9OPBEz0Iu0ZPK6rRwZk4wpzpodp25Ca9YtBMmI5rNIZxSFYtl5zBu1fNbev0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 23 Mar 2023 22:46:21 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 525A
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WkJ6V3ZRQUQ0anFPcUFBOQ==&google_gid=CAESECuO098G7QVeeynuFamzGo4&google_cver=1&google_push=Aa02lx8wL3bmJQ42ETVoOZ6OU4DMaTWvIr...

170 B
188 B

28ms
25ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WkJ6V3ZRQUQ0anFPcUFBOQ==&google_gid=CAESECuO098G7QVeeynuFamzGo4&google_cver=1&google_push=Aa02lx8wL3bmJQ42ETVoOZ6OU4DMaTWvIrIMWbQVfbxW9pZwtn0ckkpPksoHu1U8NEV8g2o-_PnT7pkZTMTgJoZwotYCn-NstBD4BQA

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/powder-room-data-leak/

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:46:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230033-FRA
pragma: no-cache
date: Thu, 23 Mar 2023 22:46:22 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1679611582.008734,VS0,VE0
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WkJ6V3ZRQUQ0anFPcUFBOQ==&google_gid=CAESECuO098G7QVeeynuFamzGo4&google_cver=1&google_push=Aa02lx8wL3bmJQ42ETVoOZ6OU4DMaTWvIrIMWbQVfbxW9pZwtn0ckkpPksoHu1U8NEV8g2o-_PnT7pkZTMTgJoZwotYCn-NstBD4BQA
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 525A
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAyyKvs2VVB4C9VPkv5p7cw&google_cver=1&google_push=Aa02lx9xkDX5E6WEvKO1PiltFxcDSSXMZgnCYzPkc-iQFTrxK9WqQUHVvV3y0Z-zjQ2hdESUlDyJ-EWPRdguABCRilfb...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx9xkDX5E6WEvKO1PiltFxcDSSXMZgnCYzPkc-iQFTrxK9WqQUHVvV3y0Z-zjQ2hdESUlDyJ-EWPRdguABCRilfb60I6eXm3Nw&google_hm=-bjP6KSEQ7CPmI7WwfTo9Q==

170 B
188 B

49ms
48ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx9xkDX5E6WEvKO1PiltFxcDSSXMZgnCYzPkc-iQFTrxK9WqQUHVvV3y0Z-zjQ2hdESUlDyJ-EWPRdguABCRilfb60I6eXm3Nw&google_hm=-bjP6KSEQ7CPmI7WwfTo9Q==

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/powder-room-data-leak/

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:46:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx9xkDX5E6WEvKO1PiltFxcDSSXMZgnCYzPkc-iQFTrxK9WqQUHVvV3y0Z-zjQ2hdESUlDyJ-EWPRdguABCRilfb60I6eXm3Nw&google_hm=-bjP6KSEQ7CPmI7WwfTo9Q==
date: Thu, 23 Mar 2023 22:46:22 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 525A
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEOB2WrwC346j0cWuguiizVA&google_cver=1&google_push=Aa02lx_aiBXrU0Q-Fu3njeTtH2yUxP2mFL44tf_-a1rypqvJ58KUCitWFIq2tAAE-jR5e2iLhC7rC3cDnm1czd_I6BQsbY9...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEOB2WrwC346j0cWuguiizVA&google_cver=1&google_push=Aa02lx_aiBXrU0Q-Fu3njeTtH2yUxP2mFL44tf_-a1rypqvJ58KUCitWFIq2tAAE-jR5e2iLhC7rC3cDnm1czd_I6BQsb...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx_aiBXrU0Q-Fu3njeTtH2yUxP2mFL44tf_-a1rypqvJ58KUCitWFIq2tAAE-jR5e2iLhC7rC3cDnm1czd_I6BQsbY9UrlZnu-8

170 B
188 B

30ms
30ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx_aiBXrU0Q-Fu3njeTtH2yUxP2mFL44tf_-a1rypqvJ58KUCitWFIq2tAAE-jR5e2iLhC7rC3cDnm1czd_I6BQsbY9UrlZnu-8

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/powder-room-data-leak/

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:46:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx_aiBXrU0Q-Fu3njeTtH2yUxP2mFL44tf_-a1rypqvJ58KUCitWFIq2tAAE-jR5e2iLhC7rC3cDnm1czd_I6BQsbY9UrlZnu-8
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 525A
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDQ15S4-fXm6B4J47mZQ1Hc&google_cver=1&google_push=Aa02lx8rrSgQS4_gcM_gHXxwCkHWMtb2U9bQQ3o7ULSj87K8Yr4MYpLbi1w0w7kNC2EBkOJN8e99YPFy...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDQ15S4-fXm6B4J47mZQ1Hc&google_cver=1&google_push=Aa02lx8rrSgQS4_gcM_gHXxwCkHWMtb2U9bQQ3o7ULSj87K8Yr4MYpLbi1w0w7kNC2EBkOJN8e9...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzYxNjQ4MTcxOTU1NzMwODQwOA&google_push=Aa02lx8rrSgQS4_gcM_gHXxwCkHWMtb2U9bQQ3o7ULSj87K8Yr4MYpLbi1w0w7kNC2EBkOJN8e99YP...

170 B
188 B

29ms
26ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzYxNjQ4MTcxOTU1NzMwODQwOA&google_push=Aa02lx8rrSgQS4_gcM_gHXxwCkHWMtb2U9bQQ3o7ULSj87K8Yr4MYpLbi1w0w7kNC2EBkOJN8e99YPFyIlbiN5lq5lTcGcglu5VyuQ

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/powder-room-data-leak/

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:46:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:46:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzYxNjQ4MTcxOTU1NzMwODQwOA&google_push=Aa02lx8rrSgQS4_gcM_gHXxwCkHWMtb2U9bQQ3o7ULSj87K8Yr4MYpLbi1w0w7kNC2EBkOJN8e99YPFyIlbiN5lq5lTcGcglu5VyuQ
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 525A
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=BbAGckXlRwGvfdQ4tB8GlA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

30ms
30ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=BbAGckXlRwGvfdQ4tB8GlA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx8ySM-f4YW4ijJtisB1zedvFatpCCrBxoiv-BYHDf94M5JASCIa_xNM1iXuBxP-_nByzXMBePp_QXOA5wPObMGAXF_NqaKXZvU

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/powder-room-data-leak/

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:46:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=BbAGckXlRwGvfdQ4tB8GlA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx8ySM-f4YW4ijJtisB1zedvFatpCCrBxoiv-BYHDf94M5JASCIa_xNM1iXuBxP-_nByzXMBePp_QXOA5wPObMGAXF_NqaKXZvU
date: Thu, 23 Mar 2023 22:46:22 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 525A
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGDDNU4EyflAigGt-mQV280&google_cver=1&google_push=Aa02lx9wYbmPheQ-WcF59cpBEfCBGTRUhJK1Ze40SDQafDKOHAw9sumtXFgxuY39hn_8nhCvHA7...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZMUERCM0ctMVktQUw5MQ==&google_push=Aa02lx9wYbmPheQ-WcF59cpBEfCBGTRUhJK1Ze40SDQafDKOHAw9sumtXFgxuY39hn_8nhCvHA74uoNSZWku8Ilr6QSta5Rbk_LkdA

170 B
188 B

34ms
24ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZMUERCM0ctMVktQUw5MQ==&google_push=Aa02lx9wYbmPheQ-WcF59cpBEfCBGTRUhJK1Ze40SDQafDKOHAw9sumtXFgxuY39hn_8nhCvHA74uoNSZWku8Ilr6QSta5Rbk_LkdA

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/powder-room-data-leak/

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:46:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZMUERCM0ctMVktQUw5MQ==&google_push=Aa02lx9wYbmPheQ-WcF59cpBEfCBGTRUhJK1Ze40SDQafDKOHAw9sumtXFgxuY39hn_8nhCvHA74uoNSZWku8Ilr6QSta5Rbk_LkdA
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
Expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 525A 0
12 B 30ms
25ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IOQoBapboHjLaQNiRI8xkmavd0MG0Ohukor3QavuRQJloy-MeIdyNzkdHnJiqYlZANTSXH

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:46:22 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B482
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

26ms
22ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 22:46:22 GMT
expires: Thu, 23 Mar 2023 22:46:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 22:46:22 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 3F32 41 KB
15 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 10:06:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 132022
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Mar 2024 10:06:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5803 1 KB
643 B 19ms
17ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 45622
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 10:06:00 GMT
etag: 48472445140208031
expires: Fri, 24 Mar 2023 10:06:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 3F32 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ecf9021a8b82f32cbc57fd657c032b7ba37bf178dd5150c9571b7d2d9935e35

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 0021 35 B
463 B 54ms
5ms Image
image/gif 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBrzRYMbvmiJ_qjMiRbf1O4&google_cver=1&google_push=Aa02lx8E0mqOffnwTcJflBHytPpNOxqMJFYiOGMQYZyjFqUsd30fMbFddqyr59spuHaBDm_RqwB29ZJGacLY57LL1FN-RafqAObylstM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:46:22 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0021
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEM0jcXQuiCCcubs9fr0mB7s&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEM0jcXQuiCCcubs9fr0mB7s&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RFhkTVdBWHYxUEZ0SG81&google_gid=CAESEM0jcXQuiCCcubs9fr0mB7s&google_cver=1&google_push=Aa02lx-Q30QsVjppt9vP8gffX2r-PTzjMgUo9IIa71SOlbP...

170 B
188 B

24ms
23ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RFhkTVdBWHYxUEZ0SG81&google_gid=CAESEM0jcXQuiCCcubs9fr0mB7s&google_cver=1&google_push=Aa02lx-Q30QsVjppt9vP8gffX2r-PTzjMgUo9IIa71SOlbPqgtlO1SJ2pXC_zWLz4sm75X-k8R496ZreRNuQ-b3SCtOlwlwtcBlVcTcQ

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/powder-room-data-leak/

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:46:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 23 Mar 2023 22:46:21 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-771-ga8baae6#rel-ec2-master i-017dcce659d1d3103@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RFhkTVdBWHYxUEZ0SG81&google_gid=CAESEM0jcXQuiCCcubs9fr0mB7s&google_cver=1&google_push=Aa02lx-Q30QsVjppt9vP8gffX2r-PTzjMgUo9IIa71SOlbPqgtlO1SJ2pXC_zWLz4sm75X-k8R496ZreRNuQ-b3SCtOlwlwtcBlVcTcQ
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0021
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEBXzGk1j7DRZFC0Birmu6WE&google_cver=1&google_push=Aa02lx__2Qofsk1dQZs5SVOKapbQrjz45ywb7DauSl6r-yPs-hPv1xlNUIA3NdB0jpTxPMVOKmITW7b_CLR...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx__2Qofsk1dQZs5SVOKapbQrjz45ywb7DauSl6r-yPs-hPv1xlNUIA3NdB0jpTxPMVOKmITW7b_CLRh_THOU4dwqB9_xaa83ZiN&google_hm=o8dTsltCQjqKCNIb...

170 B
188 B

30ms
26ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx__2Qofsk1dQZs5SVOKapbQrjz45ywb7DauSl6r-yPs-hPv1xlNUIA3NdB0jpTxPMVOKmITW7b_CLRh_THOU4dwqB9_xaa83ZiN&google_hm=o8dTsltCQjqKCNIbI2ag4YY

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/powder-room-data-leak/

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:46:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:46:21 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx__2Qofsk1dQZs5SVOKapbQrjz45ywb7DauSl6r-yPs-hPv1xlNUIA3NdB0jpTxPMVOKmITW7b_CLRh_THOU4dwqB9_xaa83ZiN&google_hm=o8dTsltCQjqKCNIbI2ag4YY
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0021
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAyyKvs2VVB4C9VPkv5p7cw&google_cver=1&google_push=Aa02lx-32va1sSZMuS3u75VxCvFBlaVp4rKTCQeK3jNlIuM4K0BNC09ogmBhrS6kAh0txz6oO4BIGwAo2_BZgvi0_tzr...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx-32va1sSZMuS3u75VxCvFBlaVp4rKTCQeK3jNlIuM4K0BNC09ogmBhrS6kAh0txz6oO4BIGwAo2_BZgvi0_tzrJwDt3VelqzNg&google_hm=-bjP6KSEQ7CPmI7WwfT...

170 B
188 B

37ms
27ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/powder-room-data-leak/

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:46:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx-32va1sSZMuS3u75VxCvFBlaVp4rKTCQeK3jNlIuM4K0BNC09ogmBhrS6kAh0txz6oO4BIGwAo2_BZgvi0_tzrJwDt3VelqzNg&google_hm=-bjP6KSEQ7CPmI7WwfTo9Q==
date: Thu, 23 Mar 2023 22:46:22 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0021
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPsGd3gbvqtLphBxmMZBhAU&google_cver=1&google_push=Aa02lx_pEKXIp4bhWfwIeebYwcEbt_OxXupThtjf0nzR5K8Hnio5rTqdFD4DttFmmIjQ0L9x3ejsrnYTkD0uO5KTD9kro1v...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_pEKXIp4bhWfwIeebYwcEbt_OxXupThtjf0nzR5K8Hnio5rTqdFD4DttFmmIjQ0L9x3ejsrnYTkD0uO5KTD9kro1vVuAqxu_nZ&google_hm=eS1Wd2RSaGE5RTJwSH...

170 B
188 B

33ms
33ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_pEKXIp4bhWfwIeebYwcEbt_OxXupThtjf0nzR5K8Hnio5rTqdFD4DttFmmIjQ0L9x3ejsrnYTkD0uO5KTD9kro1vVuAqxu_nZ&google_hm=eS1Wd2RSaGE5RTJwSHEzbjV5SEpTRGNFc1dQTkQzcC4wNn5B

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/powder-room-data-leak/

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:46:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 23 Mar 2023 22:46:22 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_pEKXIp4bhWfwIeebYwcEbt_OxXupThtjf0nzR5K8Hnio5rTqdFD4DttFmmIjQ0L9x3ejsrnYTkD0uO5KTD9kro1vVuAqxu_nZ&google_hm=eS1Wd2RSaGE5RTJwSHEzbjV5SEpTRGNFc1dQTkQzcC4wNn5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0021
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEOB2WrwC346j0cWuguiizVA&google_cver=1&google_push=Aa02lx9W2tYYLx0VmcTyfo6lhmkRiA_U6nsj48Qm1LaZTk-oVTuDyNNT5WuniCC8R1vyohx01CbwySRbSu6ik30HU0JxpFF...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEOB2WrwC346j0cWuguiizVA&google_cver=1&google_push=Aa02lx9W2tYYLx0VmcTyfo6lhmkRiA_U6nsj48Qm1LaZTk-oVTuDyNNT5WuniCC8R1vyohx01CbwySRbSu6ik30HU0Jxp...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx9W2tYYLx0VmcTyfo6lhmkRiA_U6nsj48Qm1LaZTk-oVTuDyNNT5WuniCC8R1vyohx01CbwySRbSu6ik30HU0JxpFFReY1lge4f

170 B
188 B

34ms
33ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx9W2tYYLx0VmcTyfo6lhmkRiA_U6nsj48Qm1LaZTk-oVTuDyNNT5WuniCC8R1vyohx01CbwySRbSu6ik30HU0JxpFFReY1lge4f

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/powder-room-data-leak/

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:46:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx9W2tYYLx0VmcTyfo6lhmkRiA_U6nsj48Qm1LaZTk-oVTuDyNNT5WuniCC8R1vyohx01CbwySRbSu6ik30HU0JxpFFReY1lge4f
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0021
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Sht6NjlkQcW32gPGyNuRjw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

31ms
31ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Sht6NjlkQcW32gPGyNuRjw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx-eu6rzFiPIqiCMIuE9r2RMfdWAneIngd3cCazNwg_DpSxdEG3CkuaKSZuy53XBfGPZz8nlt2nm1T8yN1NsHIxdqxH3mPaLaFg

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/powder-room-data-leak/

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:46:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Sht6NjlkQcW32gPGyNuRjw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx-eu6rzFiPIqiCMIuE9r2RMfdWAneIngd3cCazNwg_DpSxdEG3CkuaKSZuy53XBfGPZz8nlt2nm1T8yN1NsHIxdqxH3mPaLaFg
date: Thu, 23 Mar 2023 22:46:22 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 0021 0
12 B 23ms
22ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L7rJ-VIjYVKWYRdhtn2_rZVb1tBd6PLdbWeKRejZuYcF3-bUId2_o5eIxkW5wdyNiZxc-z

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:46:22 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 5ZLoQB_z02QzB_hHqtk5fVBr8jKba2eTnMK3sia1eD8.js Show response
pagead2.googlesyndication.com/bg/ Frame 712F 36 KB
14 KB 32ms
13ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5ZLoQB_z02QzB_hHqtk5fVBr8jKba2eTnMK3sia1eD8.js

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/powder-room-data-leak/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e592e8401ff3d3643307f847aad9397d506bf2329b6b67939cc2b7b226b5783f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 15:44:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 198098
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14308
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Mar 2024 15:44:44 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E3E4 22 KB
8 KB 20ms
14ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 483300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 18 Mar 2023 08:31:22 GMT
expires: Sun, 17 Mar 2024 08:31:22 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 300x250.html Show response
s0.2mdn.net/sadbundle/11065803848835661824/ Frame 57FF 47 KB
12 KB 55ms
21ms Document
text/html 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=SHrxPg1C6x&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8c779f4fa5bf396269317b6ccc5bd0259ff6b28d9dc40eb75cf47aa245b0bde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 22:46:22 GMT
expires: Fri, 22 Mar 2024 22:46:22 GMT
last-modified: Wed, 15 Feb 2023 15:30:17 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3F32 0
0 130ms
62ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvn2Oq_nKIZYkhMi3JZ0rHVxBEBDqICRGBPIwY3jUIArRXWpXtyZwyj12Ek9IEpdNNLSZ3FPmdA_aJvwT-TuU3NjFBF5Qjm2c0FYs40xx8j3w0Q2lwTOpLldK7yHyt6bZ7s9QpsL1ehCUtpE5BQt_V_OZqqTadmoF3vgV3M8oAprMhtl1YT8gGoWzzUMS0ecapCCXcoD1nLilH-vLIYGo5HhyFDnPSEVwNuAsJtz4ZRrzEj5TqT3lgx4zi5q27ptHbSEBiNbeNBcBR49ojUJoRHdqNBSSo3FYuDYHhBLXdXEEiaW4SPVnLIi7obrnvfMlGjAx4_nr0n4Ah5JQlfODjXtx_MZNSg96NPFNh51dxSjd-wMjgP-H874CI69dre3znKScqiRzJumd9UND8vD2VAtAYBHVeiRGQYj6mmT2dVTxl0rwJNjBDZol3rkDtuZp9eCFsEHpIjNMzueB9W6hCpx58SnqC0fG3-pe55hzHl55tHl-ZHHLlBpeG_oq5dlEEyI8glX7IEXZ9fVPleZ_36Sz1f-pfXjDVo0Lpe8Pjaoua6qypYwptvub0V-aMcdWMZbP7yc6NPBXuI5Rwt-YIBub3_-jUVSYxfzFVhfcmopeJqjGdXiNjP2MClLAc8tsYu5GYsXconaknCbGyJRYc-UQYHKwRlHgFs6j4wz-vlWFLFfGxsAPWyIZ_kTtoxyWX6gTxckZRIOgq1vkBLW-SADnHnTUrnfdZhUTFY4eCDgBHnv8kQn4VJGSb520SQzpCf_C0gfQpaJFTpprQs81inx_MKMSLgDHiNKUFLLXqlFUV8LNN9XLsCJTaOGPQ7UXC-32hDtjKPvmSt-6XN_WOydMnYy6zJVbCSeZoi-C27NrZzjPwh6zxYb8p4kie-npmjh3yHCVqyLkOhQynQv7miwnFBwVgZVbTh0YA83Lc5ABWFEDDoOYqM7paryJ88xFoDsbWasCfKOOqF4nhLMEn-4VS-4H7WO_6GHPKecgfY2TovHah4E7_Zgan-T2TqrhyNIq4olblAGJVjfZLF-otr1mptQgJwRFkGL9D9y1TZgIzMp2x_SyL3xXozOtq5i8jHoOYaOJWDvh8SpBPnsiEQ6GbwbxFe5NV3ObARu3UEqn1OJ3YMioRSwGSq9oTRSQmFivw6oa836iyMyyVTHvDFHgyKpvtda1LPbJnGHVhO84Qk5DCJxZM7ys3OUR7db-daGD3ohpQreuHS2A3GAWL3383KDJr1S6Mf6P-15c0Mgc1x9S7uDIFiB_1zJFEE6fcXjm-mZloc_LInsPsX_MQSgDGk&sai=AMfl-YSZ_G3ARokCO3tdEWZRQOzH9ofaecKvFMaN91UFKn90csEFQNYXDa4QZA-HU064BxHoZJKxExPoaoA2BsHWQP71Sq359Oa7NkQE2szThLUt7JSpWM0ecRo7codnSD_SIwGl7ruXy60QMW0FcWECk6c16e6ZI_8u_s0efcAFUioHOJ2zi_Sl_iEB2zHo8sLGZ2oXxwgRlgeczp8ZzOcr5BTG2rwE6vLWfFY2TQ&sig=Cg0ArKJSzCgCCUs63eHnEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=191&cbvp=1&cstd=181&cisv=r20230322.10807&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/powder-room-data-leak/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 23 Mar 2023 22:46:22 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Thu, 23 Mar 2023 22:46:22 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 5803
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESED3osJ1o6EE9Kz5xiQGbwFk&google_cver=1&google_push=Aer7DvLXbWveQbAW-eKrW3iR7FycJOOrfHKgOnCnnzUudU-EPTV2RoByD6tV-DWrHSzzrfKx7a1Oa9VINhj32ofj0rpZcaibDrmuhUY
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzkwMDQ5NzgwMDcxMDg2ODk3MA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESED3osJ1o6EE9Kz5xiQGbwFk&google_cver=1

43 B
398 B

71ms
16ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESED3osJ1o6EE9Kz5xiQGbwFk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=8387108948&adk=2217422274&adf=2933161405&pi=t.ma~as.8387108948&w=350&fwrn=4&fwrnh=100&lmt=1679581552&rafmt=1&format=350x280&url=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fpowder-room-data-leak%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679611580756&bpp=2&bdt=180&idt=255&shv=r20230322&mjsv=m202303200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3806313459038&frm=20&pv=1&ga_vid=425464683.1679611580&ga_sid=1679611581&ga_hid=1199442171&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1023&ady=1239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44777876%2C31073310%2C44786632&oid=2&pvsid=2069470042026804&tmod=272932682&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=yOitfeSumB&p=https%3A//cybernews.com&dtd=260
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 23 Mar 2023 22:46:22 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:46:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESED3osJ1o6EE9Kz5xiQGbwFk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5803
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEMmL4ld6LYKUg3t2HgItRuk&google_cver=1&google_push=Aer7DvKEqLhi0iV7ptekjb6cvKdjX_vTdYCIQU-W0hev5trWy_1cjMOiPg_FpbRmOqQ8IEvEnYjve-FLhq4yvzMg_BOOaTheH_JKIQ
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0F346112DE654D6AA91F661085569971&google_push=Aer7DvKEqLhi0iV7ptekjb6cvKdjX_vTdYCIQU-W0hev5trWy_1cjMOiPg_FpbRmOqQ8IEvEnYjve-FLhq4yvzM...

170 B
188 B

28ms
28ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0F346112DE654D6AA91F661085569971&google_push=Aer7DvKEqLhi0iV7ptekjb6cvKdjX_vTdYCIQU-W0hev5trWy_1cjMOiPg_FpbRmOqQ8IEvEnYjve-FLhq4yvzMg_BOOaTheH_JKIQ

Requested by

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:46:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 23 Mar 2023 22:46:22 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0F346112DE654D6AA91F661085569971&google_push=Aer7DvKEqLhi0iV7ptekjb6cvKdjX_vTdYCIQU-W0hev5trWy_1cjMOiPg_FpbRmOqQ8IEvEnYjve-FLhq4yvzMg_BOOaTheH_JKIQ
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 22 Mar 2023 22:46:22 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5803
Redirect Chain

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEIixf9-OG8wnStuwpb1oJ0w&google_cver=1&google_push=Aer7DvJfZFQvu0ZJtXlSz2KjGRLwhcHuZSGeA8ghUU4SROCFo_qqMEUbcrGKtexFKPNP2Cg4iP42UYS-IRh2Ts...
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=Aer7DvJfZFQvu0ZJtXlSz2KjGRLwhcHuZSGeA8ghUU4SROCFo_qqMEUbcrGKtexFKPNP2Cg4iP42UYS-IRh2Ts4AO9fPTFxT_52va9k&google_hm=hmQc1r1PjhfEft...

170 B
188 B

25ms
24ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=Aer7DvJfZFQvu0ZJtXlSz2KjGRLwhcHuZSGeA8ghUU4SROCFo_qqMEUbcrGKtexFKPNP2Cg4iP42UYS-IRh2Ts4AO9fPTFxT_52va9k&google_hm=hmQc1r1PjhfEftq0Kg&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D641CD6BD4F8E17C47EDAB42ABLIS

Requested by

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:46:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=Aer7DvJfZFQvu0ZJtXlSz2KjGRLwhcHuZSGeA8ghUU4SROCFo_qqMEUbcrGKtexFKPNP2Cg4iP42UYS-IRh2Ts4AO9fPTFxT_52va9k&google_hm=hmQc1r1PjhfEftq0Kg&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D641CD6BD4F8E17C47EDAB42ABLIS
date: Thu, 23 Mar 2023 22:46:22 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame 5803 43 B
351 B 60ms
23ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEG12pzrfPZsJMIfA7ZVLfQg&google_cver=1&google_push=Aer7DvIrOy7sHpPx7tXOJ-ZrCyIPYLpThk053XwAzesVpMoT3EiGbtvqY44I4p46Ygq-PtzLWgj9LTnazzZtQ0uKjRDSdMDfQLa-ww
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=8387108948&adk=2217422274&adf=2933161405&pi=t.ma~as.8387108948&w=350&fwrn=4&fwrnh=100&lmt=1679581552&rafmt=1&format=350x280&url=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fpowder-room-data-leak%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679611580756&bpp=2&bdt=180&idt=255&shv=r20230322&mjsv=m202303200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3806313459038&frm=20&pv=1&ga_vid=425464683.1679611580&ga_sid=1679611581&ga_hid=1199442171&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1023&ady=1239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44777876%2C31073310%2C44786632&oid=2&pvsid=2069470042026804&tmod=272932682&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=yOitfeSumB&p=https%3A//cybernews.com&dtd=260
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:46:22 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: vuc8plfbbjqmlne401bcraru5903447v

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5803
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WJNBgFN2QJO0flY_AthWTg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

30ms
29ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WJNBgFN2QJO0flY_AthWTg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvJDktxFpOQlPIOubeTo57TICiA0cu3F70-hJwAq2O2o613BpfpvaqBO0AV9oGyO1lQRnjl889E_DpsTDepKUF1zVzMl-QTGe9I

Requested by

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:46:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WJNBgFN2QJO0flY_AthWTg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvJDktxFpOQlPIOubeTo57TICiA0cu3F70-hJwAq2O2o613BpfpvaqBO0AV9oGyO1lQRnjl889E_DpsTDepKUF1zVzMl-QTGe9I
date: Thu, 23 Mar 2023 22:46:20 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5803
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEBGBH6Hm5kST96KhzKiWsE&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEBGBH6Hm5kST96KhzKiWsE&google_hm=ZBzWvf-FpoySnzsRKJcNVwAACFkAAAAB&google_nid=index&google_push=Aer7DvIu7vyT88P3tsHEYMQA7T87tm7ybtBam...

170 B
188 B

35ms
31ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEBGBH6Hm5kST96KhzKiWsE&google_hm=ZBzWvf-FpoySnzsRKJcNVwAACFkAAAAB&google_nid=index&google_push=Aer7DvIu7vyT88P3tsHEYMQA7T87tm7ybtBamdDabv8yhCUEOoU34iS5woVlmSn_0ISixkOdV836tATAronGes_81Uw1XoN_9BjUrgA

Requested by

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:46:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 23 Mar 2023 22:46:22 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEBGBH6Hm5kST96KhzKiWsE&google_hm=ZBzWvf-FpoySnzsRKJcNVwAACFkAAAAB&google_nid=index&google_push=Aer7DvIu7vyT88P3tsHEYMQA7T87tm7ybtBamdDabv8yhCUEOoU34iS5woVlmSn_0ISixkOdV836tATAronGes_81Uw1XoN_9BjUrgA
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 0
Expires: 0

GET
H2

200

report
sync.teads.tv/um/ Frame 5803
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEONM0AC1MfOVETwDIf_tbdc&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aer7DvIzVZin0wskGC7X5mqRXzzPn_b-qfY_5LDE4LvnhEdhpXxb0swLgbmclyNfwgLPOpys_lzpQT74RCM3Xzrru5HFZWzK178bEP-s
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

48ms
46ms

Image
image/gif

104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=8387108948&adk=2217422274&adf=2933161405&pi=t.ma~as.8387108948&w=350&fwrn=4&fwrnh=100&lmt=1679581552&rafmt=1&format=350x280&url=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fpowder-room-data-leak%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679611580756&bpp=2&bdt=180&idt=255&shv=r20230322&mjsv=m202303200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3806313459038&frm=20&pv=1&ga_vid=425464683.1679611580&ga_sid=1679611581&ga_hid=1199442171&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1023&ady=1239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44777876%2C31073310%2C44786632&oid=2&pvsid=2069470042026804&tmod=272932682&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=yOitfeSumB&p=https%3A//cybernews.com&dtd=260
Protocol: H2
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

expires: Thu, 23 Mar 2023 22:46:22 GMT
pragma: no-cache
date: Thu, 23 Mar 2023 22:46:22 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:46:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 5803 0
12 B 31ms
27ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I1_RonNv3rv15gJKEAVHN2_E5AEImQRDhTuBIHUTLe0CIFAQrDv6qDmh9qytro49quzvmStw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:46:22 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 57FF 118 KB
40 KB 27ms
24ms Script
text/javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=SHrxPg1C6x&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=SHrxPg1C6x&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 18:05:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16871
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 24 Mar 2023 18:05:11 GMT

GET
H3 200 gsap_3.9.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 57FF 63 KB
25 KB 36ms
33ms Script
text/javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=SHrxPg1C6x&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=SHrxPg1C6x&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:46:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25329
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 19:08:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 23 Mar 2023 22:46:22 GMT

GET
H3 200 5ZLoQB_z02QzB_hHqtk5fVBr8jKba2eTnMK3sia1eD8.js Show response
pagead2.googlesyndication.com/bg/ Frame E3E4 36 KB
14 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5ZLoQB_z02QzB_hHqtk5fVBr8jKba2eTnMK3sia1eD8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e592e8401ff3d3643307f847aad9397d506bf2329b6b67939cc2b7b226b5783f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 15:44:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 198098
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14308
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Mar 2024 15:44:44 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3F32 0
0 54ms
53ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvn2Oq_nKIZYkhMi3JZ0rHVxBEBDqICRGBPIwY3jUIArRXWpXtyZwyj12Ek9IEpdNNLSZ3FPmdA_aJvwT-TuU3NjFBF5Qjm2c0FYs40xx8j3w0Q2lwTOpLldK7yHyt6bZ7s9QpsL1ehCUtpE5BQt_V_OZqqTadmoF3vgV3M8oAprMhtl1YT8gGoWzzUMS0ecapCCXcoD1nLilH-vLIYGo5HhyFDnPSEVwNuAsJtz4ZRrzEj5TqT3lgx4zi5q27ptHbSEBiNbeNBcBR49ojUJoRHdqNBSSo3FYuDYHhBLXdXEEiaW4SPVnLIi7obrnvfMlGjAx4_nr0n4Ah5JQlfODjXtx_MZNSg96NPFNh51dxSjd-wMjgP-H874CI69dre3znKScqiRzJumd9UND8vD2VAtAYBHVeiRGQYj6mmT2dVTxl0rwJNjBDZol3rkDtuZp9eCFsEHpIjNMzueB9W6hCpx58SnqC0fG3-pe55hzHl55tHl-ZHHLlBpeG_oq5dlEEyI8glX7IEXZ9fVPleZ_36Sz1f-pfXjDVo0Lpe8Pjaoua6qypYwptvub0V-aMcdWMZbP7yc6NPBXuI5Rwt-YIBub3_-jUVSYxfzFVhfcmopeJqjGdXiNjP2MClLAc8tsYu5GYsXconaknCbGyJRYc-UQYHKwRlHgFs6j4wz-vlWFLFfGxsAPWyIZ_kTtoxyWX6gTxckZRIOgq1vkBLW-SADnHnTUrnfdZhUTFY4eCDgBHnv8kQn4VJGSb520SQzpCf_C0gfQpaJFTpprQs81inx_MKMSLgDHiNKUFLLXqlFUV8LNN9XLsCJTaOGPQ7UXC-32hDtjKPvmSt-6XN_WOydMnYy6zJVbCSeZoi-C27NrZzjPwh6zxYb8p4kie-npmjh3yHCVqyLkOhQynQv7miwnFBwVgZVbTh0YA83Lc5ABWFEDDoOYqM7paryJ88xFoDsbWasCfKOOqF4nhLMEn-4VS-4H7WO_6GHPKecgfY2TovHah4E7_Zgan-T2TqrhyNIq4olblAGJVjfZLF-otr1mptQgJwRFkGL9D9y1TZgIzMp2x_SyL3xXozOtq5i8jHoOYaOJWDvh8SpBPnsiEQ6GbwbxFe5NV3ObARu3UEqn1OJ3YMioRSwGSq9oTRSQmFivw6oa836iyMyyVTHvDFHgyKpvtda1LPbJnGHVhO84Qk5DCJxZM7ys3OUR7db-daGD3ohpQreuHS2A3GAWL3383KDJr1S6Mf6P-15c0Mgc1x9S7uDIFiB_1zJFEE6fcXjm-mZloc_LInsPsX_MQSgDGk&sai=AMfl-YSZ_G3ARokCO3tdEWZRQOzH9ofaecKvFMaN91UFKn90csEFQNYXDa4QZA-HU064BxHoZJKxExPoaoA2BsHWQP71Sq359Oa7NkQE2szThLUt7JSpWM0ecRo7codnSD_SIwGl7ruXy60QMW0FcWECk6c16e6ZI_8u_s0efcAFUioHOJ2zi_Sl_iEB2zHo8sLGZ2oXxwgRlgeczp8ZzOcr5BTG2rwE6vLWfFY2TQ&sig=Cg0ArKJSzCgCCUs63eHnEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=349&vt=11&dtpt=158&dett=3&cstd=181&cisv=r20230322.10807&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/powder-room-data-leak/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:46:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 23 Mar 2023 22:46:22 GMT

GET
H2 200 web Show response
onesignal.com/api/v1/sync/7bd8b78e-a560-4299-8e32-a71a9be1ded8/ 3 KB
2 KB 28ms
27ms Script
text/javascript 2606:4700::6812:d73b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/7bd8b78e-a560-4299-8e32-a71a9be1ded8/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50996ccac4377dc03b5272d1a93510e86836727b001de854aeee6b90105be96e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:46:22 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
age: 207
cf-polished: origSize=3367
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: bf6fb56a-0309-450f-95a3-52c6cf850fd1
x-runtime: 0.026910
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"c2b680775b9c72763efda093692816b7"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 7aca35c54db60be3-AMS
access-control-allow-headers: SDK-Version
expires: Thu, 23 Mar 2023 23:46:22 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 64ms
63ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230322&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5cecc901ffb3300284c8b8158b0a17163678ac2ea074bcf75bc6ed66eb28aff5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:46:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11274
x-xss-protection: 0

GET
H3 200 search-1faa9f3c50.js Show response
cybernews.com/js/ 7 KB
3 KB 62ms
62ms Script
application/javascript 2606:4700:3108::ac42:283b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cybernews.com/js/search-1faa9f3c50.js

Requested by

Host: cybernews.com
URL: https://cybernews.com/js/base-9bd202b6a2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:283b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd18e580f1b05148dca60e92c451082e01a0b7b45daeb99aa5d17697a943acd8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:46:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
content-security-policy: default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests;
age: 39390
cf-polished: origSize=6862
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 22 Mar 2023 12:23:26 GMT
cf-bgj: minify
server: cloudflare
etag: W/"641af33e-1ace"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 7aca35c54de6b7bb-AMS
expires: Fri, 24 Mar 2023 02:46:22 GMT

GET
H3 200 links-bar-38419dbcbf.js Show response
cybernews.com/js/ 1 KB
2 KB 43ms
42ms Script
application/javascript 2606:4700:3108::ac42:283b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cybernews.com/js/links-bar-38419dbcbf.js

Requested by

Host: cybernews.com
URL: https://cybernews.com/js/base-9bd202b6a2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:283b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c949a584646de3f29fbbf249be2b124614a4a3407b79edc0c9ab13f67172bc3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:46:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
content-security-policy: default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests;
age: 39390
cf-polished: origSize=1415
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 22 Mar 2023 12:23:25 GMT
cf-bgj: minify
server: cloudflare
etag: W/"641af33d-587"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 7aca35c54de8b7bb-AMS
expires: Fri, 24 Mar 2023 02:46:22 GMT

GET
H3 200 scroll-up-703df50bb8.js Show response
cybernews.com/js/ 510 B
1 KB 62ms
62ms Script
application/javascript 2606:4700:3108::ac42:283b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cybernews.com/js/scroll-up-703df50bb8.js

Requested by

Host: cybernews.com
URL: https://cybernews.com/js/base-9bd202b6a2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:283b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4007eabc93dc10a06020c1e2835213fa0dfc50de0bbdd4cb94b3f3a7aadf82e4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:46:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
content-security-policy: default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests;
age: 39390
cf-polished: origSize=511
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 22 Mar 2023 12:23:26 GMT
cf-bgj: minify
server: cloudflare
etag: W/"641af33e-1ff"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 7aca35c54de9b7bb-AMS
expires: Fri, 24 Mar 2023 02:46:22 GMT

GET
H3 200 OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 57FF 47 KB
47 KB 22ms
16ms Font
font/woff2 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=SHrxPg1C6x&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:35:11 GMT
x-content-type-options: nosniff
age: 671
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47676
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 23 Mar 2023 22:50:11 GMT

GET
H3 200 OnAir-Light.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 57FF 46 KB
46 KB 28ms
21ms Font
font/woff2 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Light.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=SHrxPg1C6x&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:35:11 GMT
x-content-type-options: nosniff
age: 671
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46936
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 23 Mar 2023 22:50:11 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 57FF 7 KB
6 KB 59ms
55ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dfba6a0c43c917f3c588124cf32e0dfcdfbd405e280416fed4fb76d913b347e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:46:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5748
x-xss-protection: 0

GET
H3 200 60005582_20221129090830868_iPhone-14-Plus_AirPods-Pro_ASSET.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 57FF 25 KB
25 KB 46ms
42ms Image
image/png 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20221129090830868_iPhone-14-Plus_AirPods-Pro_ASSET.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

562453fdd40538b96b6d7b6e9c8125bd96191f0e8ed6b36c53f32ff8f183052f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=SHrxPg1C6x&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 18:05:11 GMT
x-content-type-options: nosniff
age: 16871
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25452
x-xss-protection: 0
last-modified: Tue, 29 Nov 2022 17:08:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 24 Mar 2023 18:05:11 GMT

GET
H3 200 60005582_20220825085147454_300x250_BG.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 57FF 28 KB
28 KB 32ms
28ms Image
image/png 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220825085147454_300x250_BG.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04fbd20b04ad6a98e605ce6014aaef976cc9a47a939e621c19d801fc59650c91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=SHrxPg1C6x&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 18:05:11 GMT
x-content-type-options: nosniff
age: 16871
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28198
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 15:51:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 24 Mar 2023 18:05:11 GMT

GET
H/1.1 200
OK postview.gif
portal.o2online.de/nws/img/ Frame 57FF 43 B
607 B 76ms
21ms Image
image/gif 141.101.90.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14114_PV&mediacode=29497702_4307561_361897680_145340772_PO1201A20230301&ref=29497702_4307561_361897680_145340772_PO1201A20230301
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 141.101.90.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Thu, 23 Mar 2023 22:46:22 GMT
via: 1.1 varnish-live-2-0
CF-Cache-Status: HIT
age: 991767
x-cache: MISS
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: keep-alive
Content-Length: 43
last-modified: Wed, 01 Mar 2023 07:22:36 GMT
Server: cloudflare
etag: "2b-5f5d1938cc700"
Vary: Accept-Encoding
Content-Type: image/gif
x-varnish: 52523298
cache-control: public, max-age=31536000
Accept-Ranges: bytes
CF-RAY: 7aca35c5fa76911f-FRA
Expires: Fri, 22 Mar 2024 22:46:22 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:46:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 23 Mar 2023 22:46:22 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E3E4 0
20 B 59ms
57ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BGmDPvdYcZP-YMLet9u8PiMWu2AsAAAAAOAHgBAI&bg=!iomlid3NAAbO2UOH7tk7ADkAdvg8Wui_FxFcDDKxzAu8LuitYcBIwNHIFxZG1vPZgK-jl4WqEJvH-XnILGsCiN1vQUMOonGPpAECAAAAdlIAAAACaAEHCgBbOJ8UffaOX6Wb_Q6W41e0Ee1C7Tivz5ZbBba8dEKVQO5nS6S9dzl5DJsPfo7FURbz7RrXGPrErjY8szGx6nNPPDcaW9nPeJLNcR6vo4QhOwsPqKc3x6oeoL3eTJkC5JXQJM5mWfMvoAovUav9gZ6UMMqfQ8K6KWuRET-52jP6GGqax4XO4V14b9EjyKfo6ZFW2PLFgtskz03VKlWl1KmxOr4aykGdW-Qa6lt1D2IV06bpxvF_iPwy3_HY7Trttun4bFvab98MJ_QnaIM_WQAErgYHbOjYZgr4QGwFIA-HTN472J4XV7xUOr8szBrQWkg3cMpO2jgYMeOJK7cfX6rsqqr9UBWoE135yQy1-72hU1ND-ukIkrIs9bcQdEnwQUzcu3XIQEGYlmZbR8u9Bbl8OeRma0S6fYknn_AgScIvP51gptbQl8SPK37GjpBXiefos8rspX0o2el-clJhEuEtt_CofnJP6Rqe0fyZo6VLEX5VdzSu6zv82Pk79YtZJurLSPKEsyc1BbtKwJ7S5feqrC3gvAVcXD1_o4IO7C-IKrQqXACmChO4TzjhB7_sM6ddo-wOl26NDCACyDJr2vYGM2-IdSxZUdRkxBcUodztGEOEG651dqKae5G8ahuYeqRpZZNq_XpcxEwVwHJ2iAztBu2k9LQEFmj1QbdPqCyvJ6iAyx8l6mraQsqZNuR1jtDtSPYx4Zf1Njf06k1fddEhtz7LMxUFSkcys0tz0vXPVHpi8qFW8ymBSUxjv5wkBcRE174cblg2QaaiaMFKQDT_Cw9yUz6mzdh8hNW_5bTuOibMbUj0pYgk363ZgvcMKLQVP-pazP4a7pw0aAZzg8DffyW6fPxNzThpqSglbOW6G8yfrgTbsLFv2PAFKAWXXYr1xIJj87HUN2Flz3LwVxeYAcOEHCaGGqC5b26favpau4Mvz44yjX31c1WxULEsDctSw_39e0qWk4YnFTo4i0_QU72kSd4vsK58D8aIYystPF49HgJ4ePxqmnXCwl9k24yi9NtSlNNKbjPtsLchd_xT1sgEoOAE39eVLqyYhu1hkjvEiOmfDI15ux8ZisIRKLOirLTQgJff5M-gna7RR2zL9jl-

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:46:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 bubblespritesheettiny.png
s0.2mdn.net/creatives/assets/4085730/ Frame 57FF 26 KB
26 KB 18ms
15ms Image
image/png 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4085730/bubblespritesheettiny.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=SHrxPg1C6x&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:35:11 GMT
x-content-type-options: nosniff
age: 671
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27068
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 15:44:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 23 Mar 2023 22:50:11 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 57FF 17 KB
6 KB 32ms
30ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:46:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 23 Mar 2023 22:46:22 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 34CF 13 KB
5 KB 17ms
15ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 25834
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 15:35:48 GMT
expires: Fri, 22 Mar 2024 15:35:48 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3801 783 B
535 B 25ms
23ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2b104a05cd6af2e2759eb1c62923a5950d937b48e6e91f9c7378569cd3eff72c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IihYBAXM6ob3-SnTu17FHw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-IihYBAXM6ob3-SnTu17FHw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 22:46:22 GMT
expires: Thu, 23 Mar 2023 22:46:22 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 28ms
27ms Stylesheet
text/css 2606:4700::6812:d73b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151600

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:46:22 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 705
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7aca35c63b800bbc-AMS
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 22 Apr 2023 22:46:22 GMT

GET
H3 200 5ZLoQB_z02QzB_hHqtk5fVBr8jKba2eTnMK3sia1eD8.js Show response
pagead2.googlesyndication.com/bg/ Frame 1AE3 36 KB
14 KB 16ms
12ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5ZLoQB_z02QzB_hHqtk5fVBr8jKba2eTnMK3sia1eD8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e592e8401ff3d3643307f847aad9397d506bf2329b6b67939cc2b7b226b5783f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 15:44:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 198098
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14308
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Mar 2024 15:44:44 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3801 0
0 47ms
47ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230322&jk=2069470042026804&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

GET
H3 200 5ZLoQB_z02QzB_hHqtk5fVBr8jKba2eTnMK3sia1eD8.js Show response
pagead2.googlesyndication.com/bg/ Frame 34CF 36 KB
14 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5ZLoQB_z02QzB_hHqtk5fVBr8jKba2eTnMK3sia1eD8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e592e8401ff3d3643307f847aad9397d506bf2329b6b67939cc2b7b226b5783f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 15:44:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 198098
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14308
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Mar 2024 15:44:44 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 34CF 0
10 B 13ms
12ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Yi9scg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:46:22 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 50ms
50ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230322&jk=2069470042026804&bg=!SEulSx_NAAbO2UOH7tk7ADkAdvg8WoDSZNG4E4bx9gsYL8d7dqu4f-Qud08VPU162xHnbcyZrT8eSpqgEPedKjk-N8K8ozWEnMYCAAAAc1IAAAABaAEHCgAGQS2YZMGymQKc_dlVPsu87nwsvsXrSaTQIKynBLtXWSsjkzV7qYBNe21FAe7KNzV3WuNkSzbUpt9-firhFmkQzK0Q-9-Vx1Lsk5VE21obgIjr7MdPIJCnha2h6SlTtDop3d7BDbuRQzxrgnWw45ggcKQryOSs_ZlEdmlwcjEXAdr6dPHrlX1joOuum1grD8QslupumtA9Co5pUmXdjCedfYWUHlvKgMmHa9fi4s39L7ugRNsy9Ec9jSIF8por90vtQ1NfPPrln4KPeUeUg84mmjnhAgAtR1eWJd5Tggi_ZB0fZe8_LrRE8a1X2QAhNlOHYQo8tCDQl-QY5280BOydht7Ma0ppc7NALGVVee51E2HUV7gVyJnkrAAoSa-EigzbboykJ1-h-ZI-BnIez5X5isM40hEsCtC7Mahl_f0njjpDmlXuEkSLc6_myU1SkJGV_dPC6876P0SEZRgp4h4OmVZ6sx4yP9fJDinNj0GAYcr5FwkD-Zw778batHTDsO-EKnSDBnxc7KPumIWQtvKLbo0XhRtitndHK17jyZ2qVWBo2IQBGgN6Owx-OJmFi1GqTIDkqfIOgwZ0DYyuX2b1F0109apk-DgoyQHdvn02Dq4muj6bf6j16ALG16LpFhQlm6D3boY4Ks7UCYmg8JwplF2mmdnlCTRiNqH4dl-aFNaA58j4Po2o6KLfmG86EEW07Q30KDD9a7q-q2gVXviEzVD0S0CiR8fVDmWvkozxA7-C3wlzD5t8sm06ZFWsRTr3gWaphNnvsFHxFovx9rXZh3krhQZY1MrOO3PTuQ7xLnElvQVd_HdjM-kpbGMt8rkSLSTUat-a4-4uWEuliFEK6QFapjjVrW8jgLK5x3hqYbw4F9QBfitsYSWYQivFukSOKwuRdX4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3F32 0
20 B 47ms
47ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4469103134743&version=m202301230201&ct=76&x=1&cor=8475747179624681000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:46:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

47 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.cybernews.com/	1970-01-20 10:33:45	Name: cn_t_bs Value: 90
.cybernews.com/	1970-01-20 10:33:45	Name: cn_t_sess Value: %7B%22cid%22%3A%22425464683.1679611580%22%2C%22clickId%22%3Anull%2C%22clickType%22%3Anull%2C%22landingPageUri%22%3A%22https%3A%2F%2Fcybernews.com%2Fsecurity%2Fpowder-room-data-leak%2F%22%2C%22sessionId%22%3A%22b547ca09-b1ea-493c-8e54-0fa73650efc8%22%2C%22timeStamp%22%3A1679611580%7D
.cybernews.com/	1970-01-20 11:16:43	Name: cn_t_gtc Value: %7B%22clickId%22%3Anull%2C%22count%22%3A0%7D
.cybernews.com/	1970-01-20 20:09:31	Name: cn_t_uid Value: 416400fb-2e26-452a-b3fc-e1895b2cc459
.onesignal.com/	1970-01-20 10:33:33	Name: __cf_bm Value: YvhVDi2VmGYRfgJ9pXs4fOl7aNPSs6WwdqDu9Vr7VIo-1679611580-0-ARBDi92V2U3XYrq5DM7Z8L59FsXSL18zCoo3cpxFrLp4mlBdX5prKGTZHwr3kEz4GSgR1WraEd9WYBsh+bF8J/o=
.cybernews.com/	1970-01-20 12:43:07	Name: _gcl_au Value: 1.1.1030214003.1679611581
.cybernews.com/	1970-01-20 20:09:31	Name: _ga_KT8DKCHF41 Value: GS1.1.1679611580.1.0.1679611580.60.0.0
.cybernews.com/	1970-01-20 20:09:31	Name: _ga Value: GA1.2.425464683.1679611580
.cybernews.com/	1970-01-20 10:34:57	Name: _gid Value: GA1.2.1403519846.1679611581
.cybernews.com/	1970-01-20 10:33:31	Name: _gat Value: 1
.cybernews.com/	1970-01-20 10:33:31	Name: _gat_UA-149779697-1 Value: 1
.cybernews.com/	1970-01-20 10:33:33	Name: ga_fired Value: true
.cybernews.com/	1970-01-20 19:55:07	Name: __gads Value: ID=397bbbe98c60a43e-22e2114269dd0041:T=1679611581:RT=1679611581:S=ALNI_MbNA6cnYCqzvcGSJhinB4TZIPVTdQ
.cybernews.com/	1970-01-20 19:55:07	Name: __gpi Value: UID=00000bcb23b8365a:T=1679611581:RT=1679611581:S=ALNI_Mappk1tpz19nL94ft3x58xxcf7DYw
.doubleclick.net/	1970-01-20 19:55:07	Name: IDE Value: AHWqTUlyeVgyASHkG3ziB9MLPRFJEuicWTIdZJp69DMx0WWs29sFGFyUbZxILYXQg-c
.blismedia.com/	1970-01-20 19:19:11	Name: b Value: 641CD6BD4F8E17C47EDAB42ABLIS
.casalemedia.com/	1970-01-20 19:19:07	Name: CMID Value: ZBzWvf.FpoySnzsRKJcNVwAA
.casalemedia.com/	1970-01-20 12:43:07	Name: CMPS Value: 2137
.casalemedia.com/	1970-01-20 12:43:07	Name: CMPRO Value: 2137
.adnxs.com/	1970-01-20 12:43:07	Name: uuid2 Value: 3035191367730853449
.bidswitch.net/	1970-01-20 19:19:07	Name: tuuid Value: f9b8cfe8-a484-43b0-8f98-8ed6c1f4e8f5
.bidswitch.net/	1970-01-20 19:19:07	Name: c Value: 1679611581
.bidswitch.net/	1970-01-20 19:19:07	Name: tuuid_lu Value: 1679611581
.everesttech.net/	1970-01-20 19:19:07	Name: everest_g_v2 Value: g_surferid~ZBzWvQAD4jqOqAA9
.adnxs.com/	1970-01-20 12:43:07	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In=k!Fzp!]tbPl1M>e)ZlrFUfJ+tGXxp??h'cLCA9(kFRH(yL)m.%Ox1g([81<yX/7d)3If)y3KL9D3I?-*UT[o.
.mathtag.com/	1970-01-20 19:59:26	Name: uuid Value: 8c69641c-d6be-4400-9b14-a901b674fa30
.mathtag.com/	1970-01-20 11:16:43	Name: mt_mop Value: 4:1679611582
.doubleclick.net/	1970-01-20 10:33:35	Name: DSID Value: NO_DATA
.pubmatic.com/	1970-01-20 10:34:57	Name: KTPCACOOKIE Value: YES
.de17a.com/	1970-01-20 19:11:55	Name: guid Value: 1.6308063915519940222
.w55c.net/	1970-01-20 20:05:12	Name: wfivefivec Value: DXdMWAXv1PFtHo5
.quantserve.com/	1970-01-20 12:43:07	Name: d Value: EHoBCQHKKIEA
.quantserve.com/	1970-01-20 20:03:45	Name: mc Value: 641cd6be-18fc8-ec6d0-f13e3
.adform.net/	1970-01-20 11:18:09	Name: C Value: 1
.ctnsnet.com/	1970-01-20 19:19:07	Name: gid_CAESEBXzGk1j7DRZFC0Birmu6WE Value: 1
.ctnsnet.com/	1970-01-20 19:19:07	Name: cid_a3c753b25b42423a8a08d21b2366a0e1 Value: 1
.scoota.co/	1970-01-20 20:09:31	Name: tuuid Value: 36d209b1-8ff0-4daf-b29c-c48200a60af2
.scoota.co/	1970-01-20 20:09:31	Name: c Value: 1679611582
.scoota.co/	1970-01-20 20:09:31	Name: tuuid_lu Value: 1679611582
.w55c.net/	1970-01-20 11:16:43	Name: matchgoogle Value: 5
.pubmatic.com/	1970-01-20 19:19:07	Name: KADUSERCOOKIE Value: 4A1B7A36-3964-41C5-B7DA-03C6C8DB918F
.yahoo.com/	1970-01-20 19:19:29	Name: A3 Value: d=AQABBL7WHGQCEL_bvktidSb8ewv-zp0uA5YFEgEBAQEoHmQmZAAAAAAA_eMAAA&S=AQAAAm_B9drY1lCoxD9J-2VNkqw
.adform.net/	1970-01-20 11:59:55	Name: uid Value: 3616481719557308408
.simpli.fi/	1970-01-20 19:20:33	Name: suid Value: 0F346112DE654D6AA91F661085569971
.turn.com/	1970-01-20 14:52:43	Name: uid Value: 7900497800710868970
.cybernews.com/	1970-01-20 10:33:33	Name: __cf_bm Value: jiSCpyAH5cSkXerXTZ2nU_NBFLIgAfwV.doNM2GB7Q4-1679611582-0-AYCbtaNb0IrBA2yQb0LKnkDZfgTE+HhouCDhEK7ueMtoYc6jpRjzFOaZXqlbTrxtEgPzdxBebxRA70RHnEci1cArPGAHFmdHXq3THmDuvydn
.tribalfusion.com/	1970-01-20 12:43:07	Name: ANON_ID Value: aynseFRwEfES2QVormf6cMuBajHxcjZdRaovUHJFT5bfLrvthcZbYdP9rZcoZbGZaWjgK6rxpC23cZbWTFUD0Zd54WN

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	Message: A bad HTTP response code (403) was received when fetching the script.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1#RS-0-&adk=1812271803&client=ca-pub-5928161074779380&fa=3&ifi=4&uci=a!4&btvi=3&xpc=Fx4uoSiR4l&p=https%3A//cybernews.com Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271804&client=ca-pub-5928161074779380&fa=4&ifi=5&uci=a!5&btvi=4&xpc=E9emqNeXe2&p=https%3A//cybernews.com Message: The resource https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.turn.com
adservice.google.com
adservice.google.de
c1.adform.net
cdn.onesignal.com
cm.g.doubleclick.net
cms.quantserve.com
cybernews.com
d5p.de17a.com
dsum-sec.casalemedia.com
fonts.googleapis.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
image6.pubmatic.com
img.youtube.com
match.adsrvr.org
media.cybernews.com
onesignal.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
pm.w55c.net
portal.o2online.de
pr-bh.ybp.yahoo.com
r.scoota.co
r.turn.com
region1.analytics.google.com
rtb.openx.net
s.tribalfusion.com
s0.2mdn.net
ssum-sec.casalemedia.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.mathtag.com
sync.teads.tv
tpc.googlesyndication.com
tr.blismedia.com
um.simpli.fi
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
104.111.217.42
141.101.90.96
142.250.186.66
151.101.66.49
172.217.16.130
185.29.134.248
185.64.190.78
185.80.39.216
185.89.211.12
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
213.155.156.182
2606:4700:3108::ac42:283b
2606:4700:3108::ac42:2bc5
2606:4700::6812:19ad
2606:4700::6812:d73b
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:801::2003
2a00:1450:4001:806::2002
2a00:1450:4001:806::2004
2a00:1450:4001:806::2006
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:810::2003
2a00:1450:4001:810::200e
2a00:1450:4001:811::2001
2a00:1450:4001:811::2002
2a00:1450:4001:811::2008
2a00:1450:4001:813::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2002
2a00:1450:400c:c00::9d
2a05:d018:d29:3605:6f87:8fa1:6e97:141
3.121.39.140
3.122.24.207
34.96.105.8
35.186.193.173
35.186.253.211
35.204.158.49
37.157.2.234
52.223.40.198
54.220.9.90
69.173.144.165
0454e0c911f091c65c307b4d5bcc91457434192ca6832ad3f5137a314fe4ff8f
04fbd20b04ad6a98e605ce6014aaef976cc9a47a939e621c19d801fc59650c91
070fb207d1ac5dea5578095084e68e39fe24dcaf6e3a5c9cec322f7e455b923c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f0e2bc60ec1815c862acb7282ecf619909c7902e0b4a6fcc0e444d0cc5b9993
0f272ab3eea611edf7c68a31f8dd9b204b2fdccfe4c8d1bc3a498eccdcdd2ae3
11f1414c6342d8a5a5124286921298b09b1e776f0aae7bbc4c83b96685166019
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1665e53681ca0c9d196425fb71f94996ef4a495a489c7dda67bead9799615d98
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19a2e703c09b3d066e18f4426c332665bf08ec02456bcccdb20d2fffe4645ab9
1f1a2f37f367dad6da7a586ac996af87f89cc0512df1bd9a6d964809d7d0e7ff
205add00bd586955a7d7412c1f67d69c4fae7652924097505b00c7cf8ed05c67
25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6
25b13af8c099b9f6d701835f1d36aabb860b7aedd976b28e755388be2ccf7b65
279dc1139faf362b310486d22c66cb29bbb8e07ec5e9f7463f05eb5b02be33bb
2b104a05cd6af2e2759eb1c62923a5950d937b48e6e91f9c7378569cd3eff72c
2c949a584646de3f29fbbf249be2b124614a4a3407b79edc0c9ab13f67172bc3
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34a9b8c3e6088d42a01e3cf800492030fe7432bc24fa9f6ce83e8471f4ab58b2
4007eabc93dc10a06020c1e2835213fa0dfc50de0bbdd4cb94b3f3a7aadf82e4
4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b
459dc02737a8127153538d8b7811fbaff4e4e0ce003936a61f2d06b3975b10e2
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b6e509549da1ad5127d531e0cacd9725fae30c9fb7b4ca8b75a1cff8bdf3249
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ec6235eea2e87158759e988c1dc63a169989f354fc98f7985eabffa15b4bfa7
4ecf9021a8b82f32cbc57fd657c032b7ba37bf178dd5150c9571b7d2d9935e35
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50996ccac4377dc03b5272d1a93510e86836727b001de854aeee6b90105be96e
53b8c7382749fd9c13155bded67982b0365829f28272b166dceb15a8573ee83b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
562453fdd40538b96b6d7b6e9c8125bd96191f0e8ed6b36c53f32ff8f183052f
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5cecc901ffb3300284c8b8158b0a17163678ac2ea074bcf75bc6ed66eb28aff5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
698aec61cbf993902247d58bfb7e3c7211af89911bc1c9846b9ff078f59a1e7d
6d87bc3eed25e4bb8a73cb9a1c1498866f2e7cbd81b9f6ad473a89ec0669a006
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
6f7d144839d536667c88c524f7c8c4bfddca0d0d283e5917040c770c43cb960e
7122be55d1dde43621c38e2aa47cf35460fa6d949bda4df34b7de62dadb04573
78a0b7266f642f96b673c4065063dba46a80f651ff12352eb82aa877c23b9186
83dd1a8208a83ec90a9a2d7774ab28e4b93b3eba53fb6a3fd444eb7e389ecbff
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8cc01e4d00bfb22d1ca895d13a7331df8812d091557109b72be402a04feaac3a
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
9887b45adffeb792a1b1e96a69fa5831622ce3b34f4144c4bd83071e39b4320f
9a13dcd88aca744aa217e6def748dbb8b39d69f7d5eda99882526d4cdde6bb4b
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c376cfb9512e236ec4655d74a44c45e4b56680109d84ea8d7d584606b37e964
9dfba6a0c43c917f3c588124cf32e0dfcdfbd405e280416fed4fb76d913b347e
9fb0a0dda28c59da9a992285525328bb2b991ae67b80968df4eaa16ce91b22db
9fca9ae04b4bca7ef7d4f2c43505769b1f03fd173ecf3871dd7b7ee0f115dd48
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a3501a3f0a7b6bc47f9f81c7be85b3603816fe2d3026ab4b396127ed9eb8895c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
ab8f0b6cec3eb6cd02efd0a9324053b868cac7dcda99fc89871b4e87141bdf14
ad89e0a7ba5bc269ae857d3d45bbf5ce07e8092879ed4c27d72e3e8809878217
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b8c779f4fa5bf396269317b6ccc5bd0259ff6b28d9dc40eb75cf47aa245b0bde
c1ed7b88356f9f8d803c603f7ba533ebe29e1931bb5843002bef0cc14a0e0ff9
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
c8b5b67df1d56cec196a707cf952a1661157d38c209af6058d5d6ce2765c3440
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cd18e580f1b05148dca60e92c451082e01a0b7b45daeb99aa5d17697a943acd8
ce4963927579834fc0eacef89494467e53dd0e5f6175638c99c35228ae12fccc
d103b6c91767b6796e622cf00b9a6e44a8c81bb70eb7a1aec48a6d0dd1c83faf
d7e5de6c0e742c2fa01e3eaf2a550e210630445fa4dd014d21faee8199fade0a
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dbaad671eb2f5640175563ee7c9e509538dc5ae77e0d507e1a5bd9772f40f49d
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfb251ab625fc65ba9da3b27cc16fc25459480c929e6e8ff1efb2fa87fd72659
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e138d129f38769d7080ed6ac6519dce8a4d546b7da5709b12aedff39673fa021
e143f2cdf70bed2e53adfad635bb27c1134a7f80ebd688bc977e001190ebf5e7
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e592e8401ff3d3643307f847aad9397d506bf2329b6b67939cc2b7b226b5783f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f290a3a287182664a81ea150c04e7d1a451f1bf74f6738b43d382e3d40d98002
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5f63e271056ce6a47a22f4676897b74e5b67f8f8244cc49a07a9a6dd6d256e4
fb59134d914edaedc624ed442a2619572b977ab6233a14b51a1bd44b6882a01c
fbfabbad5f4e7c7115bad654411beb57f9450ba1e827104abe5f92e6beebfe8b
fe14bc8a4e294c047589838fd09a3efc81771751a0be03ea8ec99e734e965fd2

cybernews.com Open in urlscan Pro 2606:4700:3108::ac42:283b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

174 Requests

84 %HTTPS

55 %IPv6

36 Domains

48 Subdomains

33 IPs

9 Countries

2155 kBTransfer

4807 kBSize

47 Cookies

7 Outgoing links

Redirected requests

174 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

cybernews.com Open in urlscan Pro
2606:4700:3108::ac42:283b Public Scan

Screenshot
Live screenshot

Full Image

174
Requests

84 %
HTTPS

55 %
IPv6

36
Domains

48
Subdomains

33
IPs

9
Countries

2155 kB
Transfer

4807 kB
Size

47
Cookies

174 HTTP transactions
7 data transactions