securityaffairs.co
Open in
urlscan Pro
2001:8d8:100f:f000::289
Public Scan
URL:
https://securityaffairs.co/wordpress/114241/malware/teamtnt-hildegard-malware-kubernetes.html
Submission: On February 11 via api from US
Submission: On February 11 via api from US
Summary
This website contacted 38 IPs
in 7 countries
across 26 domains to perform 160 HTTP transactions.
The main IP is 2001:8d8:100f:f000::289, located in
Germany and
belongs to IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE.
The main domain is securityaffairs.co.
TLS certificate: Issued by GeoTrust RSA CA 2018 on March 8th 2020. Valid for: a year.
This is the only time securityaffairs.co was scanned on urlscan.io!
TLS certificate: Issued by GeoTrust RSA CA 2018 on March 8th 2020. Valid for: a year.
This is the only time securityaffairs.co was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
44
2001:8d8:100f:f000::289
(Germany)
ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
| securityaffairs.co |
1
2a00:1450:4001:800::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
1
2600:9000:2156:4200:1c:8a07:5e80:93a1
(United States)
ASN16509 (AMAZON-02, US)
ASN16509 (AMAZON-02, US)
| platform-api.sharethis.com |
2
104.108.144.24
(United States)
ASN16625 (AKAMAI-AS, US)
PTR: a104-108-144-24.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a104-108-144-24.deploy.static.akamaitechnologies.com
| contextual.media.net |
6
68.183.31.14
(North Bergen, United States)
ASN14061 (DIGITALOCEAN-ASN, US)
ASN14061 (DIGITALOCEAN-ASN, US)
| served-by.pixfuture.com |
11
192.0.77.2
(San Francisco, United States)
ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com
ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com
| i0.wp.com | |
| i1.wp.com | |
| i2.wp.com |
3
2a00:1450:4001:812::200e
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.google-analytics.com |
1
2600:9000:20eb:5200:c:abe:f440:93a1
(United States)
ASN16509 (AMAZON-02, US)
ASN16509 (AMAZON-02, US)
| buttons-config.sharethis.com |
1
2600:9000:206f:8e00:c:a9b7:ddc0:93a1
(United States)
ASN16509 (AMAZON-02, US)
ASN16509 (AMAZON-02, US)
| c.sharethis.mgr.consensu.org |
2
52.29.155.194
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-155-194.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-155-194.eu-central-1.compute.amazonaws.com
| l.sharethis.com |
7
104.76.200.23
(Netherlands)
ASN16625 (AKAMAI-AS, US)
PTR: a104-76-200-23.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a104-76-200-23.deploy.static.akamaitechnologies.com
| lg3.media.net |
4
104.108.144.214
(United States)
ASN16625 (AKAMAI-AS, US)
PTR: a104-108-144-214.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a104-108-144-214.deploy.static.akamaitechnologies.com
| ads.pubmatic.com |
7
2a00:1450:4001:80e::2002
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagservices.com | |
| adservice.google.com | |
| pagead2.googlesyndication.com |
8
142.250.186.98
(United States)
ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
| securepubads.g.doubleclick.net |
2
178.162.133.150
(Netherlands)
ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com
ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com
| apex.go.sonobi.com |
2
37.252.172.45
(Ascension Island)
ASN29990 (ASN-APPNEX, US)
PTR: 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ASN29990 (ASN-APPNEX, US)
PTR: 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
| ib.adnxs.com |
1
52.28.203.152
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
| c2shb.ssp.yahoo.com |
4
35.244.159.8
(Mountain View, United States)
ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
| pixfuture2-d.openx.net | |
| eu-u.openx.net |
2
2a00:1450:4001:80e::2001
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| d0661723d2c1ed2c1cbe10b87bf07121.safeframe.googlesyndication.com |
5
2a00:1450:4001:80f::2001
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| tpc.googlesyndication.com |
1
2a00:1450:4001:812::2001
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| 5d9cbc9ca74629b7aed94aec26a64cb6.safeframe.googlesyndication.com |
3
34.120.207.148
(United States)
ASN15169 (GOOGLE, US)
PTR: 148.207.120.34.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 148.207.120.34.bc.googleusercontent.com
| api.rlcdn.com |
4
54.228.21.183
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-21-183.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-21-183.eu-west-1.compute.amazonaws.com
| match.adsrvr.org |
| Domain | Requested by | |
|---|---|---|
| 44 | securityaffairs.co |
securityaffairs.co
|
| 8 | securepubads.g.doubleclick.net |
www.googletagservices.com
cdn.pixfuture.com securepubads.g.doubleclick.net |
| 7 | lg3.media.net |
securityaffairs.co
|
| 6 | mug.criteo.com |
securityaffairs.co
|
| 6 | gum.criteo.com | 4 redirects |
| 6 | cdn.pixfuture.com |
served-by.pixfuture.com
cdn.pixfuture.com securityaffairs.co |
| 6 | served-by.pixfuture.com |
securityaffairs.co
served-by.pixfuture.com |
| 5 | tpc.googlesyndication.com |
securepubads.g.doubleclick.net
tpc.googlesyndication.com |
| 5 | i0.wp.com |
securityaffairs.co
|
| 4 | match.adsrvr.org |
cdn.pixfuture.com
ads.pubmatic.com |
| 4 | www.googletagservices.com |
securityaffairs.co
securepubads.g.doubleclick.net |
| 4 | ads.pubmatic.com |
securityaffairs.co
cdn.pixfuture.com |
| 4 | i1.wp.com |
securityaffairs.co
|
| 3 | api.rlcdn.com |
cdn.pixfuture.com
ads.pubmatic.com |
| 3 | prebidserver.pixfuture.com |
cdn.pixfuture.com
|
| 3 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
| 2 | eu-u.openx.net |
cdn.pixfuture.com
|
| 2 | acdn.adnxs.com |
cdn.pixfuture.com
|
| 2 | pagead2.googlesyndication.com |
securepubads.g.doubleclick.net
|
| 2 | d0661723d2c1ed2c1cbe10b87bf07121.safeframe.googlesyndication.com |
securepubads.g.doubleclick.net
|
| 2 | adservice.google.com |
securepubads.g.doubleclick.net
|
| 2 | adservice.google.pl |
securepubads.g.doubleclick.net
|
| 2 | pixfuture2-d.openx.net |
cdn.pixfuture.com
|
| 2 | ib.adnxs.com |
cdn.pixfuture.com
|
| 2 | hbopenbid.pubmatic.com |
cdn.pixfuture.com
|
| 2 | apex.go.sonobi.com |
cdn.pixfuture.com
|
| 2 | l.sharethis.com |
ws.sharethis.com
securityaffairs.co |
| 2 | i2.wp.com |
securityaffairs.co
|
| 2 | connect.facebook.net |
securityaffairs.co
connect.facebook.net |
| 2 | contextual.media.net |
securityaffairs.co
|
| 1 | 5d9cbc9ca74629b7aed94aec26a64cb6.safeframe.googlesyndication.com |
securepubads.g.doubleclick.net
|
| 1 | cm.mgid.com | 1 redirects |
| 1 | c2shb.ssp.yahoo.com |
cdn.pixfuture.com
|
| 1 | pixel.wp.com |
securityaffairs.co
|
| 1 | secure.gravatar.com |
securityaffairs.co
|
| 1 | c.sharethis.mgr.consensu.org |
ws.sharethis.com
|
| 1 | google-analytics.com |
securityaffairs.co
|
| 1 | buttons-config.sharethis.com |
platform-api.sharethis.com
|
| 1 | stats.wp.com |
securityaffairs.co
|
| 1 | platform-api.sharethis.com |
securityaffairs.co
|
| 1 | ws.sharethis.com |
securityaffairs.co
|
| 1 | maxcdn.bootstrapcdn.com |
securityaffairs.co
|
| 1 | www.googletagmanager.com |
securityaffairs.co
|
| 0 | fonts.googleapis.com Failed |
securityaffairs.co
|
| 160 | 44 |
This site contains links to these domains. Also see Links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| www.securityaffairs.co GeoTrust RSA CA 2018 |
2020-03-08 - 2021-04-07 |
a year | crt.sh |
| *.google-analytics.com GTS CA 1O1 |
2021-01-26 - 2021-04-20 |
3 months | crt.sh |
| *.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA |
2020-09-22 - 2021-10-12 |
a year | crt.sh |
| sharethis.com Amazon |
2020-08-17 - 2021-09-16 |
a year | crt.sh |
| *.media.net DigiCert SHA2 Secure Server CA |
2020-02-25 - 2021-05-26 |
a year | crt.sh |
| *.pixfuture.com Sectigo RSA Domain Validation Secure Server CA |
2019-12-03 - 2021-12-02 |
2 years | crt.sh |
| *.facebook.com DigiCert SHA2 High Assurance Server CA |
2020-12-22 - 2021-03-21 |
3 months | crt.sh |
| *.wp.com Sectigo RSA Domain Validation Secure Server CA |
2020-04-02 - 2022-07-05 |
2 years | crt.sh |
| sharethis.mgr.consensu.org Amazon |
2020-05-05 - 2021-06-05 |
a year | crt.sh |
| *.gravatar.com Sectigo RSA Domain Validation Secure Server CA |
2020-08-14 - 2022-11-16 |
2 years | crt.sh |
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2020-07-18 - 2021-07-18 |
a year | crt.sh |
| *.pubmatic.com DigiCert SHA2 Secure Server CA |
2020-02-26 - 2021-05-27 |
a year | crt.sh |
| *.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2021-01-30 - 2021-04-28 |
3 months | crt.sh |
| *.g.doubleclick.net GTS CA 1O1 |
2021-01-26 - 2021-04-20 |
3 months | crt.sh |
| *.go.sonobi.com Go Daddy Secure Certificate Authority - G2 |
2020-12-06 - 2022-01-07 |
a year | crt.sh |
| *.adnxs.com DigiCert ECC Secure Server CA |
2019-01-23 - 2021-03-08 |
2 years | crt.sh |
| web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA |
2020-09-18 - 2021-03-17 |
6 months | crt.sh |
| *.openx.net GeoTrust RSA CA 2018 |
2020-06-18 - 2021-08-17 |
a year | crt.sh |
| *.google.pl GTS CA 1O1 |
2021-01-19 - 2021-04-13 |
3 months | crt.sh |
| *.google.com GTS CA 1O1 |
2021-01-26 - 2021-04-20 |
3 months | crt.sh |
| tpc.googlesyndication.com GTS CA 1O1 |
2021-01-26 - 2021-04-20 |
3 months | crt.sh |
| *.rlcdn.com Sectigo RSA Domain Validation Secure Server CA |
2020-04-14 - 2021-04-23 |
a year | crt.sh |
| *.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1 |
2019-03-07 - 2021-04-19 |
2 years | crt.sh |
| cdn.adnxs.com GlobalSign CloudSSL CA - SHA256 - G3 |
2020-10-29 - 2021-04-14 |
5 months | crt.sh |
This page contains 18 frames:
Primary Page:
https://securityaffairs.co/wordpress/114241/malware/teamtnt-hildegard-malware-kubernetes.html
Frame ID: B1E149CF956A4021247C7E057B3D42EC
Requests: 85 HTTP requests in this frame
Frame:
https://c.sharethis.mgr.consensu.org/portal-v2.html
Frame ID: A85738804BE3940792450EC46566A2CA
Requests: 1 HTTP requests in this frame
Frame:
https://served-by.pixfuture.com/www/delivery/headerbid_refresh_alex.php?dat=24270x300x250x4142x_ADSLOT1&keywords=teamtnt,group,uses,hildegard,malware,target,kubernetes,systemssecurity,affairs&refUrl=&refresh=false&innerWidth=1600&mainDiv=24270x300x250x4142x_ADSLOT1&flag=true
Frame ID: FE90004E79FC0007C65A5B6A0EFBD787
Requests: 1 HTTP requests in this frame
Frame:
https://served-by.pixfuture.com/www/delivery/headerbid_refresh_alex.php?dat=24272x320x50x4142x_ADSLOT1&keywords=teamtnt,group,uses,hildegard,malware,target,kubernetes,systemssecurity,affairs&refUrl=&refresh=false&innerWidth=1600&mainDiv=24272x320x50x4142x_ADSLOT1&flag=true
Frame ID: 4458B3ACFC701FB467374406A0D001F1
Requests: 1 HTTP requests in this frame
Frame:
https://served-by.pixfuture.com/www/delivery/headerbid_refresh_alex.php?dat=24272x320x50x4142x_ADSLOT1&keywords=teamtnt,group,uses,hildegard,malware,target,kubernetes,systemssecurity,affairs&refUrl=&refresh=false&innerWidth=1600&mainDiv=24272x320x50x4142x_ADSLOT1&flag=true
Frame ID: 5F433025A30FE703C4A8EFC5D901FC6B
Requests: 1 HTTP requests in this frame
Frame:
https://cdn.pixfuture.com/djax_elastic.js
Frame ID: 07115EDC5C3C657C4E74821F328FD70C
Requests: 20 HTTP requests in this frame
Frame:
https://cdn.pixfuture.com/djax_elastic.js
Frame ID: 5605B0F6CED50C6D78B9489682801629
Requests: 18 HTTP requests in this frame
Frame:
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 918F99DEDD2837452AD5E8898D0804E3
Requests: 11 HTTP requests in this frame
Frame:
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 8032ED61545C4166724BF2FCD9DA9639
Requests: 9 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
Frame ID: D378D2918164CBD802366157D87ED7F4
Requests: 1 HTTP requests in this frame
Frame:
https://d0661723d2c1ed2c1cbe10b87bf07121.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
Frame ID: E54293FEEBFCC86425432D475D0FD8B5
Requests: 1 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: C85F1E0DCC06DD533BC2724196C4ACEE
Requests: 1 HTTP requests in this frame
Frame:
https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F1B7A69BF9CDC6DCFC3B2B028D685DDC
Requests: 1 HTTP requests in this frame
Frame:
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
Frame ID: 490EBA1882BB39D58D3ADDB212FF2E34
Requests: 1 HTTP requests in this frame
Frame:
https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: B021A5D7F12B6FC1FBFAA4F4198B62F6
Requests: 1 HTTP requests in this frame
Frame:
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
Frame ID: F30674DC4B394FBD3C5412F990C2A595
Requests: 1 HTTP requests in this frame
Frame:
https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: A16BDA8F306F2F59D7DE4C610B769D39
Requests: 1 HTTP requests in this frame
Frame:
https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 5FD7DCD2E68868F6B797D3C99823DD78
Requests: 1 HTTP requests in this frame
Screenshot
Detected technologies
WordPress
(CMS)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers link /rel="https:\/\/api\.w\.org\/"/i
- html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
PHP
(Programming Languages)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers link /rel="https:\/\/api\.w\.org\/"/i
- html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
MySQL
(Databases)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers link /rel="https:\/\/api\.w\.org\/"/i
- html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Apache
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Yoast SEO
(SEO)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Facebook
(Widgets)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Google Font API
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Page Statistics
25 Outgoing links
These are links going to different origins than the main page.
URL: https://www.trendmicro.com/vinfo/hk-en/security/news/virtualization-and-cloud/coinminer-ddos-bot-attack-docker-daemon-ports
Title: detailed
Title: detailed
Search URL Search Domain Scan URL
URL: https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-files.html
Title: unencrypted file
Title: unencrypted file
Search URL Search Domain Scan URL
URL: https://unit42.paloaltonetworks.com/hildegard-malware-teamtnt/
Title: Hildegard
Title: Hildegard
Search URL Search Domain Scan URL
URL: https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet/#:~:text=Synopsis,object%20that%20describes%20a%20pod.
Title: kubelet
Title: kubelet
Search URL Search Domain Scan URL
URL: https://tmate.io/
Title: tmate
Title: tmate
Search URL Search Domain Scan URL
URL: https://github.com/robertdavidgraham/masscan
Title: masscan
Title: masscan
Search URL Search Domain Scan URL
URL: https://i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2021/02/teamtnt-malware.png?ssl=1
Search URL Search Domain Scan URL
URL: https://github.com/torvalds/linux/blob/a0725ab0c7536076d5477264420ef420ebb64501/include/linux/bio.h
Title: bioset
Title: bioset
Search URL Search Domain Scan URL
URL: https://unit42.paloaltonetworks.com/cetus-cryptojacking-worm/
Title: Cetus
Title: Cetus
Search URL Search Domain Scan URL
URL: https://unit42.paloaltonetworks.com/black-t-cryptojacking-variant/
Title: Black-T
Title: Black-T
Search URL Search Domain Scan URL
URL: https://www.trendmicro.com/en_us/research/20/l/teamtnt-now-deploying-ddos-capable-irc-bot-tntbotinger.html
Title: TeamTNT DDoS
Title: TeamTNT DDoS
Search URL Search Domain Scan URL
URL: https://modern.ircdocs.horse/
Title: IRC
Title: IRC
Search URL Search Domain Scan URL
URL: https://attack.mitre.org/techniques/T1574/006/
Title: LD_PRELOAD
Title: LD_PRELOAD
Search URL Search Domain Scan URL
URL: http://www.linkedin.com/pub/pierluigi-paganini/b/742/559
Title: Pierluigi Paganini
Title: Pierluigi Paganini
Search URL Search Domain Scan URL
URL: http://www.facebook.com/sharer.php?u=https://securityaffairs.co/wordpress/114241/malware/teamtnt-hildegard-malware-kubernetes.html
Title: Facebook
Title: Facebook
Search URL Search Domain Scan URL
URL: http://twitter.com/share?url=https://securityaffairs.co/wordpress/114241/malware/teamtnt-hildegard-malware-kubernetes.html&text=TeamTNT%20group%20uses%20Hildegard%20Malware%20to%20target%20Kubernetes%20Systems%20
Title: Twitter
Title: Twitter
Search URL Search Domain Scan URL
URL: http://www.linkedin.com/shareArticle?mini=true&url=https://securityaffairs.co/wordpress/114241/malware/teamtnt-hildegard-malware-kubernetes.html
Title: Linkedin
Title: Linkedin
Search URL Search Domain Scan URL
URL: http://reddit.com/submit?url=https://securityaffairs.co/wordpress/114241/malware/teamtnt-hildegard-malware-kubernetes.html&title=TeamTNT%20group%20uses%20Hildegard%20Malware%20to%20target%20Kubernetes%20Systems
Title: Reddit
Title: Reddit
Search URL Search Domain Scan URL
URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F114241%2Fmalware%2Fteamtnt-hildegard-malware-kubernetes.html
Search URL Search Domain Scan URL
URL: https://twitter.com/intent/tweet?original_referer=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F114241%2Fmalware%2Fteamtnt-hildegard-malware-kubernetes.html&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F114241%2Fmalware%2Fteamtnt-hildegard-malware-kubernetes.html
Search URL Search Domain Scan URL
URL: http://www.pinterest.com/pin/create/button/?url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F114241%2Fmalware%2Fteamtnt-hildegard-malware-kubernetes.html&media=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2Fwp-includes%2Fimages%2Fmedia%2Fdefault.png
Search URL Search Domain Scan URL
URL: https://plus.google.com/share?url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F114241%2Fmalware%2Fteamtnt-hildegard-malware-kubernetes.html
Search URL Search Domain Scan URL
URL: http://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F114241%2Fmalware%2Fteamtnt-hildegard-malware-kubernetes.html
Search URL Search Domain Scan URL
URL: http://www.tumblr.com/share/link?url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F114241%2Fmalware%2Fteamtnt-hildegard-malware-kubernetes.html
Search URL Search Domain Scan URL
URL: https://www.cssii.unifi.it/vp-89-il-center.html
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 94- https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsecurityaffairs.co%2F&domain=securityaffairs.co&cw=1 HTTP 302
- https://mug.criteo.com/sid?cpp=rksjZHxaRGdKU3dUQ0RIZXhZQWFHQjkrZ3pCREhEZXhKVUFmVUROVzFaSkJwbCtQTG1qOGhhbDhCOHJQU0tFQW4weDdZNEVPaFhsMWREdjBIQ2h1TVhmTWlZL0ZKbFlXUjJydE55cEhPUE93S0xWQ3BKZnljQktLeEp1QW1JZ0x0N0crSUpGOWZSemVROFdjR2t0dVVVYnZ6Tm9pYnY5ZE5JdE1WdGk1dGh2S0ZoUEJTWXNsSmpYU0laNjIyakVoMmVoQ1FZWVlEdDNnWW1DSmtta0VJNE5hS3Q0NDV0S3FQd3hFYnpRdWJON0I0TkZFPXw&cppv=2
- https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsecurityaffairs.co%2F&domain=securityaffairs.co&cw=1 HTTP 302
- https://mug.criteo.com/sid?cpp=vz31_nxNYlhuaitsOWlxWjl0NU5IN28rSTF1YUlrKzJjV3JPL1kzUnFBZm1DeW5ITzVGeWZ3bUMvY3ArRzZiUjFUVVRyNkZkZi9jZUJKUUFWb096SjZsTkJuT0xXdS9abWtOU2NjTHpIUVVGc3JxVnFhYjZyQkUyajBkTkt1ajhlS2NBTXR3aG54S0NhMUlkMzhZeTFMZDJNSmp1RmtxcFFIY1p0SkQ3ZkpaOGhCNXhRYzFEdFgzVk1FaFhJMjFpYk8rZjBuTzAyTEtTckp2ZjRxajhaTEF0WTRnT0Q5ZEdhakNyRUdTaTFRb3RzMjJNPXw&cppv=2
- https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsecurityaffairs.co%2F&domain=securityaffairs.co&cw=1&lsw=1 HTTP 302
- https://mug.criteo.com/sid?cpp=BkuHVXxJMnBZbDFwRW0vVkhjeitrMUtoOEkwZUl6bXM0em5WRk9Wd2dUc3NuWFZFNGFYMS90UWNYWi9tYWhwaWI5NGV4T2k4bDc0eFZEK0lKaEZ4aTJZS1Iwdmtob0ZCOWNqUUduTHNwUHlJMnhnTTQzdHVQLzNwVHBnWnc3eHJsVTcvcjFmTEZxSFRyMGpuZ21LMFZ6LzhFUExjQ21GbVdsdGlGMldSdCtQbnRCM2F5UHlqY2xTbkFNdlptQnZITEVTbzFoYjF2UlJPZHJEU1lxZjFqcDdiOVVBcW40MENqOGN0SWhLdVBncW9yZzBJPXw&cppv=2
- https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsecurityaffairs.co%2F&domain=securityaffairs.co&bundle=tAYlAV9SJTJCWE1VY1BUZEhhR2tlVkhCWXZ6S1lJJTJCdUpJdDJHbWYyZ0N4MW1VWnhJMm5iNHBwNVRMNm52TDNnWlY3ZjBmQ2U4dHNpeWdIWExiS1RjekNMUUF0RDVFZDYwJTJGS1B1QzFjM25yWkhQdW9ZN25MMWolMkZ6MzVoOWxZNzBjd1dKYVFX&cw=1&lsw=1 HTTP 302
- https://mug.criteo.com/sid?cpp=nU7OQnwrRXNNK0N0ZDU3VXJRa28wNDRNVFRPelQ2YXRZeERFVDg3S0NIcjVqWXB1NlRxYStZL0lCb1ZoUUxmd1I2VE9rVk56bmtqb2U1NmlWNnVOVU9LWmtMUm9JQVJKZ2VVZzk2RlBrcUh2dERkR0R5YW9qU3N0VXdja2FEQXp6UEVKbmh1bTdHUU8vZGVTSEJHTm5sTXZnNVBwdHg4WUhmMi9kTEpITWFEdU1WNjVaUUljNU5ZU0FRTk9rUG9VSTFyVGZQQVliYWxGcXdid2VML2RDSnp4WHFkekVsQzAzNjM2MDc4d2tHckVkU1VWdStYU0pZdlErd0loMGltQzNNSnpufA&cppv=2
- https://cm.mgid.com/m?cdsp=363893&adu=https%3A%2F%2Fprebidserver.pixfuture.com%3A8000%2Fsetuid%3Fbidder%3Dmgid%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%7Bmuidn%7D HTTP 301
- https://prebidserver.pixfuture.com:8000/setuid?bidder=mgid&gdpr=1&gdpr_consent=&uid=l1bME4_b9Yw1
160 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
teamtnt-hildegard-malware-kubernetes.html
securityaffairs.co/wordpress/114241/malware/ |
90 KB 25 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
97 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
style.css
securityaffairs.co/wordpress/wp-includes/css/dist/block-library/ |
61 KB 61 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cookie-law-info-public.css
securityaffairs.co/wordpress/wp-content/plugins/cookie-law-info/public/css/ |
3 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cookie-law-info-gdpr.css
securityaffairs.co/wordpress/wp-content/plugins/cookie-law-info/public/css/ |
27 KB 27 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ |
23 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
frontend.css
securityaffairs.co/wordpress/wp-content/plugins/google-analytics-dashboard-for-wp/assets/css/ |
7 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
custom.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/jqueryui/ |
19 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tipsy.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/ |
539 B 683 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
flexslider.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/flexslider/ |
6 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
mediaelementplayer-legacy.min.css
securityaffairs.co/wordpress/wp-includes/js/mediaelement/ |
11 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
animation.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/ |
2 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
font-awesome.min.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/ |
17 KB 18 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
swipebox.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ |
4 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.circliful.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/ |
334 B 478 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
screen.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/ |
110 KB 110 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
custom-css.php
securityaffairs.co/wordpress/wp-content/themes/rigel_old/templates/ |
12 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
grid.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/ |
49 KB 50 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
frontend-gtag.js
securityaffairs.co/wordpress/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/ |
22 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.js
securityaffairs.co/wordpress/wp-includes/js/jquery/ |
281 KB 281 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-migrate.js
securityaffairs.co/wordpress/wp-includes/js/jquery/ |
25 KB 25 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cookie-law-info-public.js
securityaffairs.co/wordpress/wp-content/plugins/cookie-law-info/public/js/ |
33 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
medianetAdInjector.js
securityaffairs.co/wordpress/wp-content/plugins/media-net-ads-manager/js/ |
741 B 895 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
st_insights.js
ws.sharethis.com/button/ |
27 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sharethis.js
platform-api.sharethis.com/js/ |
101 KB 32 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
shield-antibot.js
securityaffairs.co/wordpress/wp-content/plugins/wp-simple-firewall/resources/js/ |
3 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dmedianet.js
contextual.media.net/ |
149 KB 51 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
logo_SecurityAffairs.png
securityaffairs.co/wordpress/wp-content/uploads/2015/12/ |
44 KB 44 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
headerbid.js
served-by.pixfuture.com/www/delivery/ |
3 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sdk.js
connect.facebook.net/en_US/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
facebook.png
i0.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/ |
830 B 1 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
twitter.png
i1.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/ |
1 KB 1 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
linkedin.png
i1.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/ |
1 KB 1 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
reddit.png
i1.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/ |
2 KB 2 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pinterest.png
i2.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/ |
1 KB 2 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
hacking-SIM-cards.jpg
securityaffairs.co/wordpress/wp-content/uploads/2014/12/ |
64 KB 64 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
SAP-systems.gif
securityaffairs.co/wordpress/wp-content/uploads/2015/05/ |
7 KB 7 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fortinet-logo.jpg
i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2019/11/ |
2 KB 2 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ssba.css
securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/css/ |
122 KB 122 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
photon.js
securityaffairs.co/wordpress/wp-content/plugins/jetpack/modules/photon/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.adrotate.clicktracker.js
securityaffairs.co/wordpress/wp-content/plugins/adrotate/library/ |
365 B 519 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ssba.js
securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/js/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
hint.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ |
987 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.tipsy.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ |
4 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.easing.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ |
8 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
browser.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ |
3 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.flexslider-min.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/flexslider/ |
21 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
waypoints.min.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ |
8 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
mediaelement-and-player.min.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/mediaelement/ |
69 KB 70 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.swipebox.min.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ |
11 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.circliful.min.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ |
3 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.smarticker.min.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ |
13 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
custom.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ |
12 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
wp-embed.js
securityaffairs.co/wordpress/wp-includes/js/ |
3 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
e-202106.js
stats.wp.com/ |
9 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
46 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
twemoji.js
securityaffairs.co/wordpress/wp-includes/js/ |
27 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
wp-emoji.js
securityaffairs.co/wordpress/wp-includes/js/ |
9 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
css
fonts.googleapis.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
css
fonts.googleapis.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
css
fonts.googleapis.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
css
fonts.googleapis.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
5b71b64b04b9a500117b1015.js
buttons-config.sharethis.com/js/ |
30 B 372 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
google-analytics.com/ |
46 KB 19 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fontawesome-webfont.woff
securityaffairs.co/wordpress/wp-content/themes/rigel_old/fonts/ |
43 KB 44 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
portal-v2.html
c.sharethis.mgr.consensu.org/ Frame A857 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
nmedianet.js
contextual.media.net/ |
148 KB 50 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
teamtnt-malware.png
i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2021/02/ |
44 KB 44 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
pview
l.sharethis.com/ |
0 340 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sdk.js
connect.facebook.net/en_US/ |
198 KB 60 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3-Q050 |
collect
www.google-analytics.com/j/ |
1 B 68 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3-Q050 |
collect
www.google-analytics.com/j/ |
2 B 27 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
flping.php
lg3.media.net/ |
35 B 322 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
flping.php
lg3.media.net/ |
35 B 322 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
flping.php
lg3.media.net/ |
35 B 322 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
flping.php
lg3.media.net/ |
35 B 322 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
f00db26378ef7df7c440a8ee60ead62b
secure.gravatar.com/avatar/ |
1 KB 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
flping.php
lg3.media.net/ |
35 B 322 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
flping.php
lg3.media.net/ |
35 B 322 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Digging-The-Deep-Web.png
i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2018/03/ |
6 KB 6 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
securityaffairs-best-european-blog2.png
i2.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2020/06/ |
10 KB 10 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
logo-center-for-cybersecurity.jpg
i1.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2020/10/ |
7 KB 7 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
newsletter.png
i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2015/03/ |
6 KB 6 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
g.gif
pixel.wp.com/ |
50 B 92 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
pview
l.sharethis.com/ |
0 315 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
headerbid_refresh_alex.php
served-by.pixfuture.com/www/delivery/ Frame FE90 |
11 KB 12 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
headerbid_refresh_alex.php
served-by.pixfuture.com/www/delivery/ Frame 4458 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
headerbid_refresh_alex.php
served-by.pixfuture.com/www/delivery/ Frame 5F43 |
11 KB 11 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
djax_elastic.js
cdn.pixfuture.com/ Frame 0711 |
37 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery3_5_1.min.js
cdn.pixfuture.com/ Frame 0711 |
87 KB 88 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
pwt.js
ads.pubmatic.com/AdServer/js/pwt/158127/2642/ Frame 0711 |
275 KB 84 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
djax_elastic.js
cdn.pixfuture.com/ Frame 5605 |
37 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
log
lg3.media.net/ |
35 B 371 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery3_5_1.min.js
cdn.pixfuture.com/ Frame 5605 |
87 KB 88 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
pwt.js
ads.pubmatic.com/AdServer/js/pwt/158127/2642/ Frame 5605 |
275 KB 84 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sid
mug.criteo.com/ Frame 0711 Redirect Chain
|
348 B 630 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gpt.js
www.googletagservices.com/tag/js/ Frame 0711 |
56 KB 19 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
prebid4.19.0.js
cdn.pixfuture.com/ Frame 0711 |
331 KB 332 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pubads_impl_2021020901.js
securepubads.g.doubleclick.net/gpt/ Frame 0711 |
288 KB 101 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sid
mug.criteo.com/ Frame 5605 Redirect Chain
|
352 B 629 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
gpt.js
www.googletagservices.com/tag/js/ Frame 5605 |
56 KB 19 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
prebid4.19.0.js
cdn.pixfuture.com/ Frame 5605 |
331 KB 332 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pubads_impl_2021020801.js
securepubads.g.doubleclick.net/gpt/ Frame 5605 |
288 KB 101 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H2 |
json
gum.criteo.com/sid/ Frame |
0 0 |
Other
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sid
mug.criteo.com/ Frame 0711 Redirect Chain
|
342 B 626 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
cookie_sync
prebidserver.pixfuture.com/ Frame 0711 |
275 B 647 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
auction
prebidserver.pixfuture.com/openrtb2/ Frame 0711 |
105 B 462 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
trinity.json
apex.go.sonobi.com/ Frame 0711 |
30 B 618 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
translator
hbopenbid.pubmatic.com/ Frame 0711 |
0 117 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
prebid
ib.adnxs.com/ut/v3/ Frame 0711 |
19 B 713 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bidRequest
c2shb.ssp.yahoo.com/ Frame 0711 |
62 B 389 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
arj
pixfuture2-d.openx.net/w/1.0/ Frame 0711 |
173 B 360 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H2 |
sid
mug.criteo.com/ Frame |
0 0 |
Other
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H2 |
json
gum.criteo.com/sid/ Frame |
0 0 |
Other
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sid
mug.criteo.com/ Frame 5605 Redirect Chain
|
353 B 630 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
arj
pixfuture2-d.openx.net/w/1.0/ Frame 5605 |
172 B 558 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
translator
hbopenbid.pubmatic.com/ Frame 5605 |
0 61 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
trinity.json
apex.go.sonobi.com/ Frame 5605 |
30 B 622 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
prebid
ib.adnxs.com/ut/v3/ Frame 5605 |
19 B 714 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H2 |
sid
mug.criteo.com/ Frame |
0 0 |
Other
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 918F |
56 KB 19 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
demo_track.js
served-by.pixfuture.com/www/headerbid/library/tracking/ Frame 5605 |
5 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
setuid
prebidserver.pixfuture.com/ Frame 0711 Redirect Chain
|
36 B 36 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 8032 |
56 KB 19 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
demo_track.js
served-by.pixfuture.com/www/headerbid/library/tracking/ Frame 0711 |
5 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
pubads_impl_2021020801.js
securepubads.g.doubleclick.net/gpt/ Frame 918F |
288 KB 101 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
pubads_impl_2021020801.js
securepubads.g.doubleclick.net/gpt/ Frame 8032 |
288 KB 101 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
integrator.js
adservice.google.pl/adsid/ Frame 918F |
109 B 803 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
integrator.js
adservice.google.com/adsid/ Frame 918F |
109 B 247 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
ads
securepubads.g.doubleclick.net/gampad/ Frame 918F |
45 KB 21 KB |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
container.html
d0661723d2c1ed2c1cbe10b87bf07121.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 918F |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 918F |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
integrator.js
adservice.google.pl/adsid/ Frame 8032 |
109 B 169 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
integrator.js
adservice.google.com/adsid/ Frame 8032 |
109 B 781 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
ads
securepubads.g.doubleclick.net/gampad/ Frame 8032 |
5 KB 3 KB |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
container.html
5d9cbc9ca74629b7aed94aec26a64cb6.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 8032 |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 8032 |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame D378 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
osd.js
www.googletagservices.com/activeview/js/current/ Frame 8032 |
74 KB 28 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
sodar
pagead2.googlesyndication.com/getconfig/ Frame 8032 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
container.html
d0661723d2c1ed2c1cbe10b87bf07121.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame E542 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
osd.js
www.googletagservices.com/activeview/js/current/ Frame 918F |
74 KB 28 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
sodar
pagead2.googlesyndication.com/getconfig/ Frame 918F |
8 KB 7 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 918F |
17 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame C85F |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
envelope
api.rlcdn.com/api/identity/ Frame 5605 |
0 198 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rid
match.adsrvr.org/track/ Frame 5605 |
109 B 544 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
async_usersync.html
acdn.adnxs.com/dmp/ Frame F1B7 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pd
eu-u.openx.net/w/1.0/ Frame 490E |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
showad.js
ads.pubmatic.com/AdServer/js/ Frame B021 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rid
match.adsrvr.org/track/ Frame 0711 |
109 B 543 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pd
eu-u.openx.net/w/1.0/ Frame F306 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
async_usersync.html
acdn.adnxs.com/dmp/ Frame A16B |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
showad.js
ads.pubmatic.com/AdServer/js/ Frame 5FD7 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
gen_204
pagead2.googlesyndication.com/pagead/ Frame 918F |
0 42 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
envelope
api.rlcdn.com/api/identity/ Frame 0711 |
0 46 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rid
match.adsrvr.org/track/ Frame 0711 |
108 B 689 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
envelope
api.rlcdn.com/api/identity/ Frame 5605 |
0 46 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rid
match.adsrvr.org/track/ Frame 5605 |
108 B 689 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
demo_track.php
served-by.pixfuture.com/www/headerbid/library/tracking/ Frame 5605 |
36 B 615 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- fonts.googleapis.com
- URL
- http://fonts.googleapis.com/css?family=Roboto+Condensed%3A400italic%2C700italic%2C400%2C700&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Ccyrillic%2Clatin-ext%2Cvietnamese&ver=688ce3e49e5ecefa1cd650833f2ac646
- Domain
- fonts.googleapis.com
- URL
- http://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C400italic%2C700italic&ver=688ce3e49e5ecefa1cd650833f2ac646
- Domain
- fonts.googleapis.com
- URL
- http://fonts.googleapis.com/css?family=Playfair+Display%3A400%2C700%2C400italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Ccyrillic&ver=688ce3e49e5ecefa1cd650833f2ac646
- Domain
- fonts.googleapis.com
- URL
- http://fonts.googleapis.com/css?family=Oswald%3A400%2C700%2C400italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Ccyrillic&ver=688ce3e49e5ecefa1cd650833f2ac646
- Domain
- served-by.pixfuture.com
- URL
- https://served-by.pixfuture.com/www/delivery/headerbid_refresh_alex.php?dat=24272x320x50x4142x_ADSLOT1&keywords=teamtnt,group,uses,hildegard,malware,target,kubernetes,systemssecurity,affairs&refUrl=&refresh=false&innerWidth=1600&mainDiv=24272x320x50x4142x_ADSLOT1&flag=true
- Domain
- pagead2.googlesyndication.com
- URL
- https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021020801&st=env
Verdicts & Comments Add Verdict or Comment
105 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| google_tag_manager object| dataLayer string| em_version boolean| em_track_user string| em_no_track_reason string| disableStr function| __gtagTrackerIsOptedOut function| __gtagTrackerOptout function| gaOptout function| __gtagTracker object| google_tag_data string| GoogleAnalyticsObject function| ga function| gtag function| __gaTracker object| _wpemojiSettings object| exactmetrics_frontend function| ExactMetrics object| ExactMetricsObject undefined| $ function| jQuery object| Cli_Data object| cli_cookiebar_settings object| log_object object| CLI_Cookie object| CLI object| cliBlocker string| CLI_ACCEPT_COOKIE_NAME string| CLI_PREFERNCE_COOKIE number| CLI_ACCEPT_COOKIE_EXPIRE boolean| CLI_COOKIEBAR_AS_POPUP object| mnetCustomerData function| dynamicallyInjectMnetAdHandlerScript function| injectMnetScript object| _mNHandle string| medianet_versionId object| stlib boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus boolean| sop_pview_logged string| stWidgetVersion object| stLight boolean| st_showing object| st object| __stdos__ function| __sharethis__docReady object| __sharethis__ object| icwp_wpsf_vars_lpantibot object| iCWP_WPSF_LoginGuard_Gasp boolean| cli_flush_cache string| medianet_width string| medianet_height string| medianet_crid object| FB object| twemoji object| wp object| gaplugins object| gaGlobal object| gaData object| _mN object| _mNSrv function| setup string| _mN_Idf number| _mN_ctr string| _mN_ctrM object| mnjs object| _mNDetails function| _cmL1Require function| _cmL1Define object| _mNadPrvLog object| click_object object| Main object| BrowserDetect object| mejs function| onYouTubePlayerAPIReady function| onYouTubePlayerReady function| MediaElement function| MediaElementPlayer function| $j function| imagePreview object| _stq function| st_go function| linktracker_init object| wpcom string| currentText string| categoryCookie string| categoryCookieValue object| cli_chkbox_elm string| cli_chkbox_data_id string| cli_chkbox_data_id_trimmed function| refreshTag string| refreshInterval string| keyword7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .securityaffairs.co/ | Name: _gat Value: 1 |
|
| .securityaffairs.co/ | Name: _gid Value: GA1.2.1835710459.1613035967 |
|
| .securityaffairs.co/ | Name: _ga Value: GA1.2.1084918558.1613035967 |
|
| securityaffairs.co/ | Name: cookielawinfo-checkbox-non-necessary Value: yes |
|
| securityaffairs.co/ | Name: session_depth Value: securityaffairs.co%3D1%7C829833831%3D1%7C816788371%3D2%7C733976884%3D1%7C184323154%3D1%7C647633027%3D1 |
|
| .securityaffairs.co/ | Name: _gat_gtag_UA_59069958_1 Value: 1 |
|
| securityaffairs.co/ | Name: cookielawinfo-checkbox-necessary Value: yes |
38 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
5d9cbc9ca74629b7aed94aec26a64cb6.safeframe.googlesyndication.com
acdn.adnxs.com
ads.pubmatic.com
adservice.google.com
adservice.google.pl
apex.go.sonobi.com
api.rlcdn.com
buttons-config.sharethis.com
c.sharethis.mgr.consensu.org
c2shb.ssp.yahoo.com
cdn.pixfuture.com
cm.mgid.com
connect.facebook.net
contextual.media.net
d0661723d2c1ed2c1cbe10b87bf07121.safeframe.googlesyndication.com
eu-u.openx.net
fonts.googleapis.com
google-analytics.com
gum.criteo.com
hbopenbid.pubmatic.com
i0.wp.com
i1.wp.com
i2.wp.com
ib.adnxs.com
l.sharethis.com
lg3.media.net
match.adsrvr.org
maxcdn.bootstrapcdn.com
mug.criteo.com
pagead2.googlesyndication.com
pixel.wp.com
pixfuture2-d.openx.net
platform-api.sharethis.com
prebidserver.pixfuture.com
secure.gravatar.com
securepubads.g.doubleclick.net
securityaffairs.co
served-by.pixfuture.com
stats.wp.com
tpc.googlesyndication.com
ws.sharethis.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
fonts.googleapis.com
pagead2.googlesyndication.com
served-by.pixfuture.com
104.108.144.214
104.108.144.24
104.19.135.78
104.76.200.23
142.250.186.98
151.101.113.108
157.245.94.128
178.162.133.150
178.250.0.157
185.64.189.112
192.0.76.3
192.0.77.2
2001:4de0:ac19::1:b:2b
2001:8d8:100f:f000::289
2600:9000:206f:8e00:c:a9b7:ddc0:93a1
2600:9000:20eb:5200:c:abe:f440:93a1
2600:9000:20eb:9200:3:c04e:c780:93a1
2600:9000:2156:4200:1c:8a07:5e80:93a1
2606:4700:20::681a:a9c
2a00:1450:4001:800::2008
2a00:1450:4001:802::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2004
2a00:1450:4001:812::2001
2a00:1450:4001:812::200e
2a02:2638:1::13
2a03:2880:f01c:8012:face:b00c:0:3
2a04:fa87:fffe::c000:4902
34.120.207.148
35.244.159.8
37.252.172.45
52.28.203.152
52.29.155.194
54.228.21.183
68.183.31.14
00d534b6d1d7adf2faa7861ce9557403c3c08304e2791fd4301029b0e142c286
00f28fdb987ce0f9edc935ffe381123a2e1f79fcc0f55759a7bb4a83b4a88584
0108a1ee95a2383565c40d56ab774392d3f2cde2d71e1ba4965e226f99b63c80
029b3c29c4111c7177d55f5196deb35b99ffd868d2f95b653f97a1418791d10e
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
070da3240dd39704eafa7c42ddb35257d7b522dc2cf8d4b1792102a7e956e98a
0757f7ff6e5f6a581922a5e2d42c5e0cf7475d880885a9802e8bdd5e4188dd34
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c27a9c1aee9eacb73655f930a6bbf9ec721006695e5c38405296081cdbcb878
0e53466218d7ff174e0a083ecce89b1c090c67ccbe55775eddca03e930ff9e35
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
1217d8b71cbfa33046f7844c4757ba9341034524a35afdbcaed303f94b688a24
13b61826fde5b78966364a0bfe1f2309da1f0ccd75923528a5014978b7276742
177d76801bdbecdb0d27109e118ae54a929156deac8ca44b46924a5c0f43cd7a
1832a6ee34745b08b1fcae42c24468086358b43071d7679a738951aa7dc243ea
18d61b5ee68a57bd7a4733f776f9f8aa5c353e7f35a420881523b6edbf7c6b19
1aaab3c3d6f974416ae34893cebe3a544aea17931439b2449ec392061d11ec82
2199990352edbb7ec586e01d26e2f6a7010a2fce1517711019b614dcec353ba3
2333802e4a0c86b4cc4c71b376fc0aedc3b03039bfc777d96105f82231215732
24583638f8c4bd2d5dff22bddefbb24f8d047868e71ad2c029b1698b6926c85c
2465ca2cd0ef5ba8de6bdaf385a0d765eacb62b7df6c4f89f7672ef205d9ca7e
26416a6936fb9acc17581e272026ebeeba19aaf3d5022ba14cd4d76671bcb444
2c29defe29114d0e8b948e78d50ebb281035df53a9167089deb1e77e801bbd2f
2d5a9aa4eabdb58974140a8dfdacfe1ddb89ae27819ad19e8e148649936dac4a
2d8a5cf0e0ee804d8ffc7cffa8ba1ec6dc69f7a7e20afefc16eb947c36aab149
31d22ea0e971031fff7077978fb91cc7b0897cf8f323eb23a867689fafe18689
3755d9d4e705149d17e358d4f690906d5b3b3e2cc4e139b813d70121f7e14213
3f99fde5fd36392ebd009ab6cb6fd01188445e46da470f5373bbde43d9e35458
40bc46248d8f8d5fbea7678bd0c0031327e206daaf99f3bf6723b9a70f665f7f
4440909a8539ef0016f539c0d26c39dcf9b73b41072e79efec4fb22beca25111
45185c8f6cd2f9b42e3a02b78af40edc7d61328fac3167a0490c9c69bbecaaa6
46db7a0a77511a777f77205b377cde8df6937dbde8a6e63441d7829d8f6ccfee
4c6b4ef22f4c5dd8fd6e17ab6706d8c55d236824c20b3d8dcd310f7de744def6
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
5525d57ced576560de8777ea78e4bc0c9d55396c0b668a7563b354de9c165aee
56159a7fa211c042c8da7005984653715f938917383f74292247f7b271469fb6
582299a890a40ffbf165bc643474e679ef6630e2756c560d9b7489324b8f6d9d
5c5b2ef7e7acfc0a265dc851bef437e0d1198d4083919e0d872ddf0227f01e61
5cbf31f01d7d1ce4853bcd6cc64dbfd103d412ec14d8bcc4ebca3b35dc3f3b74
650868ebc4c00b2ea4ea72747f655f8a0552ba53c9b5b55defd9457be75f1aa9
65cfa6801a0886fab249b224e8a6982b4740fe7879fce99ff13ddaac9aaca01a
6a99e7d178fd19b946a936a0f64d31a1af2e843b889ab515ada00d38622c5d67
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dbc0e2571e95aa60cf5e90e470f64cf0a7c06341077f11bfeae7a83401578af
73cadf4725483d9a9290b8ea3ad87fe2afc746de5f70e89f088a3df9996bd8dd
7478123ab457a28ecf9df78f2832fbdbefc205eaef0930b4f6666903e756be46
750edb76bcb3f472a6fef8902f269f1253f08ea33fba3b018e304bbd249c744e
759949fb0ffaa47eb3755d704adfee7be3ab4fd3d3fa2f37381ca6ea8b9506b1
767c7589673a08ede053cb3952699dbe097433a03ab203861981c2e746aa7b0f
76a18f5f0637e0d73ce1afece898ce8b0fa75bb6b1c1990ae4a7ac6b083045ce
76a6fdb9f17e54e616e2f2537ea0c51cfd17b3453b6d97305ecd10fe3e574e4a
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7db3506e7bf60dcb247dbb905ac300407b921919703e73e191ab5b702ef7bfbc
80a1ae567d396855243284e674876bb0d856f0e7a18d3c0142f0828513716dfe
8423dacb795ba14d7628ca6e73adb221a86139ad04002d96a2f53da5a7444b8a
86f937a29eaee70aaf9935799a414bea46c62fb136cc0465f63f9d6820cf4982
8c43e551763d3628fab88767caacb3188f69afa8d1290cf3f9d61ab09cb56073
8cdba8577952378ab466aebaf25489e6d639d200abbf6e4335d917c5c55338ba
8d732b3483eb44546a848a82cc9d6a584c81860aae7255f7ac589dcb3f130535
936c3e0cfba7a07ab55be383aeca9d39dcde7b4e9cddbfd973f78e34d3cc7078
9a47abcc220084cd32dd51bd76f84ff7839e2dbf1a132fb970e8a1437f03726b
9c062d10663416484b5a59bb47a0308526bec56cc69e9f3499fa087d8eae5c7a
9e4a6ba8fbf104beec44e4d5573badfb08bf436aea0b6a6fcc3e85cd84180856
9ebd978f9ed7c4ce0bc4ac433adfac0dcb47ca2065101baddd564dd3d727acfc
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a050196a8f8d9bff07224152a16e43367428228dc7465cdb593012f03187fb89
a0fded691aed767f851011cd3185b928619298a21a0fbdad4808a9e88b490833
a117924f559cb8da7692dc5a758f590fff1a959d1908f7055f2ec7a3efd35332
a34eaca14fa3eae2fec2ec10e4ed796c39601098209eae69f0fb8a5d9482926a
a7d1a226534c41bb9b34aa3c8565881a1b76acd1172b50fe4b24ce922da917bb
a902ffc1c259dc54cb51d32618f4238568e5bcac3d32afc33e6729277f67dffb
af7abdbcee9fe7d9eed8ff21d4a2ef12c31d2c374b77c8c67b1bf7c8b752f925
b12c1cd811f54d11bfdcb5e235e73934a8b8a7a85eafb8529117f9a5bb64ccf8
b385a0d317f911d6bb20b8ccff2394042f111284f39385d8ac5b326ed18d4b61
b68f925844593eba31fcec7bbf8a43187ed1547b99151132f090547ba5308b9b
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b8fa20af264fcdd99621fc4e3a770927452b0fe382599e0d890a3bfa31152f80
b97d80b9eedfeb29936f0d7f89afbdd425ef8d930d09fa1f98030ceb8b26cabd
ba716187f8cc8c54806f5b9de46d1d94bec574ddf31c82f68532cd181e242b7f
bb3cc6af6f13fdac2b76ddb393d32a0e2dcbb082e2b98231b30348c13d9b9649
bc24bc8649428f528b2462a9fe4e68e4abb2b84dd12bad0b748867a793450a1a
bca14dd46dba62dd25a7c92b91685f5fa7e198ec810ec4e67e023dccb3edee79
bdec2cf98067424804869b7686735623c4f6fb88ce27718d27619860481b7733
c8817bacfc84fd39e4daec4096011ed3d117c7fe8b3c55fdd22af47c299099bc
c8a080c23f74c3614775a9bea0b3d34f4ac70038f8a775a4df7529c682aaf7b9
d1468318a3a3feaf60773915d2e75690c523d47e3bccac28c2dd5b1c522cc714
d2b13ee812188a64ef574ee912eaea945b1ae2a5a54b413e2fdfda94a7a58d09
d44b68c7b3e659196a6a72662f4e2e903044d6e64a6a5c0002602711cd68a8fa
d931ba2089021a1357761939c18bcc09aa856d39be2a707ea450333f5b3443c4
d99ea9db1da8549489666d36c9e3fb717842550eed1554e96860af8d30c3b008
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
ddc2d8842e4e21c1cfe68e168737a5d49b858618ba76e21ba138d67d50492e48
e2dc35b0dbaa16b45d96eb3691927df48e091f4983ed2cc079568b789f9559da
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e503c59c36fc19803b2e9572b10e7c06236bda692aebd97f29e2a5a96f9aa5b6
e70696531ebef4e25c157f95ad6730a529ac4df922aa285b3d6e9236007e8820
e89bbc7723c5114f9cf138c6019bbca4e4f5e13f6b9febaa38c92c4c3584a964
e8caad51a19c5667e4fc7ae6a3b9bf8a23559bb64b09b0c6e90cad6d24083ea6
e98cd00e7be004c4360ad0c38471911312d74a117babcc29f239935afc80c8cb
e98e8d723dd2eaca28bade949628d27e81e6cf8c9b3e0fd8091fe4b3843f78ce
edf4cc2a6568cffbf6b0c85cea42adb62f64a6f84c1643a30a2e603272f915c7
f0c6d2d27de284102b03e30cd74be808801ec53ca49f30b4d15620ee84ea39f5
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f4d4eda42f85c6ccbbb5de2aff596085b3b1d380c8585464f2e53df2cad66f8e
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d