urlscan.io logo urlscan.io
SecurityTrails logo

www.neowin.net Open in urlscan Pro
5.10.17.165  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_s...
Submission: On August 23 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 88 IPs in 11 countries across 83 domains to perform 224 HTTP transactions. The main IP is 5.10.17.165, located in Tonbridge, United Kingdom and belongs to EVEREST-AS, GB. The main domain is www.neowin.net.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 25th 2020. Valid for: 2 years.
This is the only time www.neowin.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 6 5.10.17.165 60610 (EVEREST-AS)
1 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:219... 16509 (AMAZON-02)
1 13.225.87.110 16509 (AMAZON-02)
2 13.224.102.69 16509 (AMAZON-02)
5 95.101.27.92 20940 (AKAMAI-ASN1)
22 2600:9000:21f... 16509 (AMAZON-02)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 151.101.14.217 54113 (FASTLY)
1 13.224.196.31 16509 (AMAZON-02)
1 151.139.128.11 20446 (HIGHWINDS3)
3 4 91.228.74.189 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 34.233.22.207 14618 (AMAZON-AES)
2 2a03:2880:f01... 32934 (FACEBOOK)
6 2606:2800:234... 15133 (EDGECAST)
3 2a00:1450:400... 15169 (GOOGLE)
1 89.187.169.47 60068 (CDN77 ^_^)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 35.201.67.47 15169 (GOOGLE)
2 35.190.91.160 15169 (GOOGLE)
1 35.201.100.179 15169 (GOOGLE)
3 13.224.90.44 16509 (AMAZON-02)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 3 13.224.102.14 16509 (AMAZON-02)
2 5 54.246.201.247 16509 (AMAZON-02)
4 2600:9000:219... 16509 (AMAZON-02)
3 142.250.74.194 15169 (GOOGLE)
2 3.220.238.226 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 35.190.59.101 15169 (GOOGLE)
1 2a03:2880:f01... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:9000:219... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 34.96.81.209 15169 (GOOGLE)
1 2 104.244.42.8 13414 (TWITTER)
1 6 35.244.159.8 15169 (GOOGLE)
3 4 185.33.221.13 29990 (ASN-APPNEX)
1 52.51.212.11 16509 (AMAZON-02)
9 13.225.87.117 16509 (AMAZON-02)
2 13.225.87.71 16509 (AMAZON-02)
4 13.224.102.54 16509 (AMAZON-02)
2 108.129.26.149 16509 (AMAZON-02)
2 13.225.87.67 16509 (AMAZON-02)
1 34.194.37.39 14618 (AMAZON-AES)
1 104.103.108.46 16625 (AKAMAI-AS)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 11 52.95.123.41 16509 (AMAZON-02)
1 151.101.14.133 54113 (FASTLY)
1 69.192.160.219 16625 (AKAMAI-AS)
1 13.225.87.104 16509 (AMAZON-02)
1 2600:9000:21f... 16509 (AMAZON-02)
20 54.194.104.251 16509 (AMAZON-02)
3 9 95.101.185.51 16625 (AKAMAI-AS)
3 95.101.184.244 16625 (AKAMAI-AS)
1 2600:9000:21f... 16509 (AMAZON-02)
4 23.205.235.133 16625 (AKAMAI-AS)
3 3 3.126.56.137 16509 (AMAZON-02)
2 2 13.248.245.213 16509 (AMAZON-02)
3 4 37.157.6.247 198622 (ADFORM)
6 9 13.248.242.197 16509 (AMAZON-02)
17 20 142.250.186.34 15169 (GOOGLE)
1 185.64.189.115 62713 (AS-PUBMATIC)
1 209.54.176.128 16509 (AMAZON-02)
2 3 92.123.21.100 16625 (AKAMAI-AS)
1 1 3.228.62.17 14618 (AMAZON-AES)
1 1 54.220.211.95 16509 (AMAZON-02)
2 2 193.0.160.128 54312 (ROCKETFUEL)
1 1 185.33.221.89 29990 (ASN-APPNEX)
6 6 35.157.168.25 16509 (AMAZON-02)
1 1 34.205.3.24 14618 (AMAZON-AES)
1 1 64.202.112.159 22075 (AS-OUTBRAIN)
2 2 213.19.147.45 26120 (RHYTHMONE)
1 1 213.19.147.44 3356 (LEVEL3)
2 2 198.148.27.140 19189 (PULSEPOINT)
1 1 64.202.112.191 22075 (AS-OUTBRAIN)
2 3 2a00:1288:110... 34010 (YAHOO-IRD)
1 1 34.192.90.164 14618 (AMAZON-AES)
1 150.136.26.45 31898 (ORACLE-BM...)
1 38.91.45.7 398989 (DEEPINTENT)
2 2 18.157.193.56 16509 (AMAZON-02)
1 1 185.86.139.103 201081 (SMARTADSE...)
1 1 96.16.141.156 16625 (AKAMAI-AS)
4 4 185.29.134.244 30419 (MEDIAMATH...)
4 5 151.101.14.49 54113 (FASTLY)
1 208.100.17.172 32748 (STEADFAST)
1 18.195.155.181 16509 (AMAZON-02)
1 1 124.146.215.44 2514 (INFOSPHER...)
2 2 185.184.8.65 204995 (RTB-HOUSE...)
3 4 69.173.144.139 26667 (RUBICONPR...)
1 1 69.173.144.165 26667 (RUBICONPR...)
1 4 69.173.144.138 26667 (RUBICONPR...)
1 35.244.174.68 15169 (GOOGLE)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
2 2 213.155.156.165 1299 (TELIANET ...)
6 185.64.189.110 62713 (AS-PUBMATIC)
1 178.250.2.151 44788 (ASN-CRITE...)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
8 185.64.190.80 62713 (AS-PUBMATIC)
5 5 52.215.67.80 16509 (AMAZON-02)
1 1 185.86.139.113 201081 (SMARTADSE...)
1 162.55.6.212 24940 (HETZNER-AS)
2 185.64.190.81 62713 (AS-PUBMATIC)
3 3 51.210.112.236 16276 (OVH)
2 2 34.253.109.165 16509 (AMAZON-02)
1 2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 1 54.36.172.109 16276 (OVH)
1 1 2001:678:cb4:... 56396 (TURN)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 159.65.196.12 14061 (DIGITALOC...)
2 2 66.155.71.149 13768 (COGECO-PEER1)
1 159.253.128.188 36351 (SOFTLAYER)
224 88
6    5.10.17.165 (Tonbridge, United Kingdom)

ASN60610 (EVEREST-AS, GB)
PTR: web4.rdg.neow.in
www.neowin.net
1    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2600:9000:2190:da00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)
quantcast.mgr.consensu.org
1    13.225.87.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-110.fra2.r.cloudfront.net
cdn.adt567.net
2    13.224.102.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-69.zrh50.r.cloudfront.net
widgets.stackcommerce.com
5    95.101.27.92 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-27-92.deploy.static.akamaitechnologies.com
cdn.nsstatic.net
cdn.static.zdbb.net
ns.zdbb.net
22    2600:9000:21f3:3c00:0:89cb:5240:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.neow.in
1    2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
1    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
www.google-analytics.com
1    151.101.14.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.scroll.com
1    13.224.196.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-196-31.fra2.r.cloudfront.net
knl.mntzrlt.net
1    151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)
s.skimresources.com
4    91.228.74.189 (United Kingdom)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
1    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    34.233.22.207 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-22-207.compute-1.amazonaws.com
www.zergnet.com
2    2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
6    2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
3    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    89.187.169.47 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com
cdn.rawgit.com
2    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    35.201.67.47 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 47.67.201.35.bc.googleusercontent.com
t.skimresources.com
2    35.190.91.160 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 160.91.190.35.bc.googleusercontent.com
p.skimresources.com
1    35.201.100.179 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 179.100.201.35.bc.googleusercontent.com
connect.scroll.com
3    13.224.90.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-90-44.zrh50.r.cloudfront.net
c.amazon-adsystem.com
1    2a02:26f0:6c00::210:bb32 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
g.pcmag.com
3    13.224.102.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-14.zrh50.r.cloudfront.net
sb.scorecardresearch.com
5    54.246.201.247 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-201-247.eu-west-1.compute.amazonaws.com
secure-us.imrworldwide.com
4    2600:9000:2190:3200:2:42d9:3100:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn-gl.imrworldwide.com
3    142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
securepubads.g.doubleclick.net
2    3.220.238.226 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-238-226.compute-1.amazonaws.com
gurgle.zdbb.net
1    2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    35.190.59.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com
r.skimresources.com
1    2a03:2880:f01c:800e:face:b00c:0:2 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
graph.facebook.com
2    2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2606:4700::6812:16f2 (United States)

ASN13335 (CLOUDFLARENET, US)
api.stacksocial.com
1    2600:9000:2190:4600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    34.96.81.209 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 209.81.96.34.bc.googleusercontent.com
i.skimresources.com
2    104.244.42.8 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
6    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
ziffdavis-d.openx.net
u.openx.net
us-u.openx.net
eu-u.openx.net
4    185.33.221.13 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    52.51.212.11 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-212-11.eu-west-1.compute.amazonaws.com
pixel.adsafeprotected.com
9    13.225.87.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-117.fra2.r.cloudfront.net
img4.zergnet.com
cdnp1.stackassets.com
2    13.225.87.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-71.fra2.r.cloudfront.net
img5.zergnet.com
4    13.224.102.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-54.zrh50.r.cloudfront.net
img1.zergnet.com
2    108.129.26.149 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-129-26-149.eu-west-1.compute.amazonaws.com
zdbb.net
2    13.225.87.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-67.fra2.r.cloudfront.net
cdnp2.stackassets.com
1    34.194.37.39 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-37-39.compute-1.amazonaws.com
jogger.zdbb.net
1    104.103.108.46 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-103-108-46.deploy.static.akamaitechnologies.com
tags.bkrtx.com
2    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
11    52.95.123.41 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    151.101.14.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
cdn.krxd.net
1    69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com
stags.bluekai.com
1    13.225.87.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-104.fra2.r.cloudfront.net
bee.imrworldwide.com
1    2600:9000:21f3:e200:1d:667e:2a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
plovaij8gwf7vecg5ku78yby87lgk1629724759.nuid.imrworldwide.com
20    54.194.104.251 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-104-251.eu-west-1.compute.amazonaws.com
rtb.gumgum.com
9    95.101.185.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-185-51.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
3    95.101.184.244 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-184-244.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    2600:9000:21f3:b000:0:70b1:7080:93a1 (United States)

ASN16509 (AMAZON-02, US)
sync-amz.ads.yieldmo.com
4    23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
3    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
4    37.157.6.247 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
9    13.248.242.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
20    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
cm.g.doubleclick.net
1    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    209.54.176.128 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
3    92.123.21.100 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-21-100.deploy.static.akamaitechnologies.com
px.owneriq.net
1    3.228.62.17 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-62-17.compute-1.amazonaws.com
sync.extend.tv
1    54.220.211.95 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-211-95.eu-west-1.compute.amazonaws.com
d.adroll.com
2    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    185.33.221.89 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
6    35.157.168.25 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-168-25.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    34.205.3.24 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-3-24.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    64.202.112.159 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
2    213.19.147.45 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
1    213.19.147.44 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.targeting.unrulymedia.com
2    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    64.202.112.191 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
sync.outbrain.com
3    2a00:1288:110:c305::8000 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
1    34.192.90.164 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-90-164.compute-1.amazonaws.com
sync.ipredictive.com
1    150.136.26.45 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
1    38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
2    18.157.193.56 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-193-56.eu-central-1.compute.amazonaws.com
ad.360yield.com
1    185.86.139.103 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
1    96.16.141.156 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-141-156.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
4    185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
5    151.101.14.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    208.100.17.172 (United States)

ASN32748 (STEADFAST, US)
PTR: ip172.208-100-17.static.steadfastdns.net
ssc-cms.33across.com
1    18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
cs.emxdgt.com
1    124.146.215.44 (Minato-ku, Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
2    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
creativecdn.com
4    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
4    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
1    2a00:1288:80:800::7000 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
2    213.155.156.165 (Uppsala, Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-165.teliacarrier-cust.com
d5p.de17a.com
6    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    85.114.159.93 (Schopfheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
8    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
5    52.215.67.80 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-67-80.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    185.86.139.113 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    162.55.6.212 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.212.6.55.162.clients.your-server.de
csync.loopme.me
2    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
3    51.210.112.236 (France)

ASN16276 (OVH, FR)
PTR: pikafka-1.cloudy.ovh
pixel.onaudience.com
2    34.253.109.165 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-109-165.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
1    54.36.172.109 (Leyton, United Kingdom)

ASN16276 (OVH, FR)
PTR: pl01.roqad.pl
ws.rqtrk.eu
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
1    2a02:fa8:8806:12::1370 (United States)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
1    159.65.196.12 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
2    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    159.253.128.188 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
Apex Domain
Subdomains		 Transfer
26 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
144 KB
22 neow.in
cdn.neow.in
405 KB
20 pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
image4.pubmatic.com
34 KB
20 gumgum.com
rtb.gumgum.com
6 KB
16 zergnet.com
www.zergnet.com
img4.zergnet.com
img5.zergnet.com
img1.zergnet.com
243 KB
15 amazon-adsystem.com
c.amazon-adsystem.com
aax-eu.amazon-adsystem.com
s.amazon-adsystem.com
10 KB
14 rubiconproject.com
eus.rubiconproject.com
secure-assets.rubiconproject.com
token.rubiconproject.com
pixel-eu.rubiconproject.com
pixel.rubiconproject.com
27 KB
11 imrworldwide.com
secure-us.imrworldwide.com
cdn-gl.imrworldwide.com
bee.imrworldwide.com
plovaij8gwf7vecg5ku78yby87lgk1629724759.nuid.imrworldwide.com
72 KB
10 skimresources.com
s.skimresources.com
t.skimresources.com
p.skimresources.com
r.skimresources.com
i.skimresources.com
31 KB
9 adsrvr.org
match.adsrvr.org
4 KB
9 casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
10 KB
9 zdbb.net
cdn.static.zdbb.net
ns.zdbb.net
gurgle.zdbb.net
zdbb.net
jogger.zdbb.net
28 KB
8 twitter.com
platform.twitter.com
syndication.twitter.com
164 KB
7 yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
ads.yahoo.com
4 KB
6 bidswitch.net
x.bidswitch.net
3 KB
6 openx.net
ziffdavis-d.openx.net
u.openx.net
us-u.openx.net
eu-u.openx.net
2 KB
6 neowin.net
www.neowin.net
116 KB
5 bidr.io
match.prod.bidr.io
2 KB
5 everesttech.net
sync-tm.everesttech.net
1 KB
5 stackassets.com
cdnp2.stackassets.com
cdnp1.stackassets.com
70 KB
5 adnxs.com
ib.adnxs.com
secure.adnxs.com
5 KB
4 mathtag.com
sync.mathtag.com
2 KB
4 adform.net
c1.adform.net
2 KB
4 gstatic.com
fonts.gstatic.com
58 KB
4 google-analytics.com
www.google-analytics.com
19 KB
4 quantserve.com
secure.quantserve.com
pixel.quantserve.com
10 KB
3 onaudience.com
pixel.onaudience.com
1 KB
3 owneriq.net
px.owneriq.net
1 KB
3 facebook.com
graph.facebook.com
www.facebook.com
2 KB
3 scorecardresearch.com
sb.scorecardresearch.com
2 KB
3 cloudflare.com
cdnjs.cloudflare.com
39 KB
2 sitescout.com
pixel-sync.sitescout.com
947 B
2 zeotap.com
spl.zeotap.com
mwzeom.zeotap.com
887 B
2 crwdcntrl.net
sync.crwdcntrl.net
1 KB
2 de17a.com
d5p.de17a.com
637 B
2 creativecdn.com
creativecdn.com
695 B
2 smartadserver.com
ssbsync.smartadserver.com
rtb-csync.smartadserver.com
1 KB
2 360yield.com
ad.360yield.com
615 B
2 contextweb.com
bh.contextweb.com
1 KB
2 1rx.io
sync.1rx.io
1 KB
2 rfihub.com
p.rfihub.com
1 KB
2 3lift.com
eb2.3lift.com
744 B
2 facebook.net
connect.facebook.net
70 KB
2 scroll.com
static.scroll.com
connect.scroll.com
8 KB
2 google.com
apis.google.com
www.google.com
113 B
2 stackcommerce.com
widgets.stackcommerce.com
5 KB
2 consensu.org
quantcast.mgr.consensu.org
49 KB
1 simpli.fi
um.simpli.fi
609 B
1 bidtheatre.com
match.adsby.bidtheatre.com
550 B
1 dotomi.com
pubmatic-match.dotomi.com
104 B
1 turn.com
ad.turn.com
518 B
1 rqtrk.eu
ws.rqtrk.eu
516 B
1 loopme.me
csync.loopme.me
152 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 criteo.com
dis.criteo.com
360 B
1 rlcdn.com
id.rlcdn.com
66 B
1 socdm.com
tg.socdm.com
835 B
1 emxdgt.com
cs.emxdgt.com
1 33across.com
ssc-cms.33across.com
1 deepintent.com
match.deepintent.com
44 B
1 technoratimedia.com
sync.technoratimedia.com
293 B
1 ipredictive.com
sync.ipredictive.com
428 B
1 outbrain.com
sync.outbrain.com
625 B
1 unrulymedia.com
sync.targeting.unrulymedia.com
469 B
1 zemanta.com
b1sync.zemanta.com
281 B
1 stackadapt.com
sync.srv.stackadapt.com
618 B
1 adroll.com
d.adroll.com
112 B
1 extend.tv
sync.extend.tv
546 B
1 yieldmo.com
sync-amz.ads.yieldmo.com
480 B
1 bluekai.com
stags.bluekai.com
338 B
1 krxd.net
cdn.krxd.net
394 B
1 bkrtx.com
tags.bkrtx.com
16 KB
1 adsafeprotected.com
pixel.adsafeprotected.com
2 KB
1 google.de
www.google.de
107 B
1 quantcount.com
rules.quantcount.com
354 B
1 stacksocial.com
api.stacksocial.com
5 KB
1 pcmag.com
g.pcmag.com
323 B
1 rawgit.com
cdn.rawgit.com
2 KB
1 mntzrlt.net
knl.mntzrlt.net
1 KB
1 jquery.com
code.jquery.com
30 KB
1 nsstatic.net
cdn.nsstatic.net
141 KB
1 adt567.net
cdn.adt567.net
8 KB
1 googleapis.com
fonts.googleapis.com
850 B
224 83
Domain Requested by
22 cdn.neow.in www.neowin.net
20 cm.g.doubleclick.net 17 redirects u.openx.net
rtb.gumgum.com
aax-eu.amazon-adsystem.com
20 rtb.gumgum.com aax-eu.amazon-adsystem.com
rtb.gumgum.com
11 aax-eu.amazon-adsystem.com 1 redirects cdn.nsstatic.net
aax-eu.amazon-adsystem.com
u.openx.net
ssum-sec.casalemedia.com
rtb.gumgum.com
ads.pubmatic.com
9 match.adsrvr.org 6 redirects u.openx.net
ssum-sec.casalemedia.com
aax-eu.amazon-adsystem.com
8 simage2.pubmatic.com ads.pubmatic.com
6 image2.pubmatic.com ads.pubmatic.com
6 x.bidswitch.net 6 redirects
6 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
6 img4.zergnet.com www.neowin.net
6 platform.twitter.com www.neowin.net
platform.twitter.com
6 www.neowin.net 3 redirects www.neowin.net
5 match.prod.bidr.io 5 redirects
5 sync-tm.everesttech.net 4 redirects aax-eu.amazon-adsystem.com
5 secure-us.imrworldwide.com 2 redirects
4 pixel.rubiconproject.com 1 redirects aax-eu.amazon-adsystem.com
4 token.rubiconproject.com 3 redirects aax-eu.amazon-adsystem.com
4 sync.mathtag.com 4 redirects
4 c1.adform.net 3 redirects ads.pubmatic.com
4 eus.rubiconproject.com aax-eu.amazon-adsystem.com
eus.rubiconproject.com
rtb.gumgum.com
4 img1.zergnet.com www.neowin.net
4 ib.adnxs.com 3 redirects cdn.nsstatic.net
4 cdn-gl.imrworldwide.com www.neowin.net
secure-us.imrworldwide.com
cdn-gl.imrworldwide.com
4 www.zergnet.com www.neowin.net
www.zergnet.com
4 fonts.gstatic.com fonts.googleapis.com
4 www.google-analytics.com www.neowin.net
www.google-analytics.com
3 pixel.onaudience.com 3 redirects
3 pr-bh.ybp.yahoo.com 2 redirects ads.pubmatic.com
3 px.owneriq.net 2 redirects ssum-sec.casalemedia.com
3 us-u.openx.net 1 redirects u.openx.net
3 pixel.quantserve.com 3 redirects
3 ups.analytics.yahoo.com 3 redirects
3 ads.pubmatic.com aax-eu.amazon-adsystem.com
rtb.gumgum.com
ads.pubmatic.com
3 ssum-sec.casalemedia.com 1 redirects aax-eu.amazon-adsystem.com
ssum-sec.casalemedia.com
3 cdnp1.stackassets.com www.neowin.net
3 stats.g.doubleclick.net www.google-analytics.com
3 securepubads.g.doubleclick.net cdn.nsstatic.net
securepubads.g.doubleclick.net
3 cdn.static.zdbb.net cdn.nsstatic.net
cdn.static.zdbb.net
3 sb.scorecardresearch.com 1 redirects cdn.nsstatic.net
www.neowin.net
3 c.amazon-adsystem.com cdn.nsstatic.net
3 t.skimresources.com www.neowin.net
s.skimresources.com
3 cdnjs.cloudflare.com www.neowin.net
widgets.stackcommerce.com
2 pixel-sync.sitescout.com 2 redirects
2 sync.crwdcntrl.net 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 creativecdn.com 2 redirects
2 ad.360yield.com 2 redirects
2 bh.contextweb.com 2 redirects
2 sync.1rx.io 2 redirects
2 p.rfihub.com 2 redirects
2 eb2.3lift.com 2 redirects
2 www.facebook.com connect.facebook.net
2 cdnp2.stackassets.com www.neowin.net
2 zdbb.net www.neowin.net
cdn.static.zdbb.net
2 img5.zergnet.com www.neowin.net
2 syndication.twitter.com 1 redirects platform.twitter.com
2 i.skimresources.com s.skimresources.com
2 r.skimresources.com 1 redirects www.neowin.net
2 gurgle.zdbb.net www.neowin.net
cdn.static.zdbb.net
2 p.skimresources.com www.neowin.net
2 connect.facebook.net www.neowin.net
connect.facebook.net
2 widgets.stackcommerce.com www.neowin.net
widgets.stackcommerce.com
2 quantcast.mgr.consensu.org www.neowin.net
quantcast.mgr.consensu.org
1 um.simpli.fi ads.pubmatic.com
1 match.adsby.bidtheatre.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 ad.turn.com 1 redirects
1 ws.rqtrk.eu 1 redirects
1 mwzeom.zeotap.com ads.pubmatic.com
1 spl.zeotap.com 1 redirects
1 csync.loopme.me ads.pubmatic.com
1 rtb-csync.smartadserver.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 ads.yahoo.com aax-eu.amazon-adsystem.com
1 id.rlcdn.com aax-eu.amazon-adsystem.com
1 pixel-eu.rubiconproject.com 1 redirects
1 tg.socdm.com 1 redirects
1 cs.emxdgt.com rtb.gumgum.com
1 ssc-cms.33across.com rtb.gumgum.com
1 secure-assets.rubiconproject.com 1 redirects
1 ssbsync.smartadserver.com 1 redirects
1 match.deepintent.com rtb.gumgum.com
1 sync.technoratimedia.com rtb.gumgum.com
1 sync.ipredictive.com 1 redirects
1 sync.outbrain.com 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 b1sync.zemanta.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 secure.adnxs.com 1 redirects
1 d.adroll.com 1 redirects
1 sync.extend.tv 1 redirects
1 s.amazon-adsystem.com ssum-sec.casalemedia.com
1 image6.pubmatic.com ads.pubmatic.com
1 eu-u.openx.net u.openx.net
1 u.openx.net aax-eu.amazon-adsystem.com
1 sync-amz.ads.yieldmo.com aax-eu.amazon-adsystem.com
1 plovaij8gwf7vecg5ku78yby87lgk1629724759.nuid.imrworldwide.com
1 bee.imrworldwide.com secure-us.imrworldwide.com
1 stags.bluekai.com tags.bkrtx.com
1 cdn.krxd.net cdn.static.zdbb.net
1 tags.bkrtx.com cdn.static.zdbb.net
1 jogger.zdbb.net cdn.static.zdbb.net
1 pixel.adsafeprotected.com cdn.nsstatic.net
1 ziffdavis-d.openx.net cdn.nsstatic.net
1 www.google.de www.neowin.net
1 www.google.com www.neowin.net
1 rules.quantcount.com secure.quantserve.com
1 api.stacksocial.com code.jquery.com
1 graph.facebook.com code.jquery.com
1 ns.zdbb.net cdn.nsstatic.net
1 g.pcmag.com cdn.nsstatic.net
1 connect.scroll.com static.scroll.com
1 cdn.rawgit.com widgets.stackcommerce.com
1 secure.quantserve.com quantcast.mgr.consensu.org
1 s.skimresources.com www.neowin.net
1 knl.mntzrlt.net www.neowin.net
1 static.scroll.com www.neowin.net
1 apis.google.com www.neowin.net
1 code.jquery.com www.neowin.net
1 cdn.nsstatic.net www.neowin.net
1 cdn.adt567.net www.neowin.net
1 fonts.googleapis.com www.neowin.net
224 124
Subject Issuer Validity Valid
www.neowin.net
Sectigo RSA Domain Validation Secure Server CA		 2020-07-25 -
2022-10-27		 2 years crt.sh
upload.video.google.com
GTS CA 1O1		 2021-07-26 -
2021-10-18		 3 months crt.sh
quantcast.mgr.consensu.org
Amazon		 2021-04-24 -
2022-05-23		 a year crt.sh
adt567.net
Amazon		 2021-07-20 -
2022-08-18		 a year crt.sh
*.stackcommerce.com
Amazon		 2021-05-23 -
2022-06-21		 a year crt.sh
www.ziffdavis.com
COMODO RSA Organization Validation Secure Server CA		 2021-03-03 -
2022-02-25		 a year crt.sh
cdn.neow.in
Amazon		 2021-07-09 -
2022-08-07		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-10-21 -
2021-10-20		 a year crt.sh
*.apis.google.com
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
*.scroll.com
R3		 2021-07-01 -
2021-09-29		 3 months crt.sh
*.mntzrlt.net
Amazon		 2021-07-07 -
2022-08-05		 a year crt.sh
*.skimresources.com
DigiCert SHA2 Secure Server CA		 2020-09-10 -
2021-10-12		 a year crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
*.zergnet.com
Amazon		 2021-04-12 -
2022-05-11		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-07-20 -
2021-10-18		 3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-05 -
2021-11-09		 a year crt.sh
cdn.rawgit.com
R3		 2021-08-12 -
2021-11-10		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-28 -
2022-02-01		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
*.zdbb.net
Amazon		 2021-05-05 -
2022-06-03		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
fw.adsafeprotected.com
Amazon		 2021-08-11 -
2022-09-09		 a year crt.sh
zdbb.net
Amazon		 2021-02-25 -
2022-03-26		 a year crt.sh
stackassets.com
Amazon		 2020-11-21 -
2021-12-22		 a year crt.sh
*.bkrtx.com
DigiCert SHA2 Secure Server CA		 2021-04-02 -
2022-04-07		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2021-04-09 -
2022-03-20		 a year crt.sh
cdn.krxd.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2021-02-08 -
2022-02-07		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2021-04-25 -
2022-04-26		 a year crt.sh
*.nuid.imrworldwide.com
Amazon		 2021-06-11 -
2022-07-10		 a year crt.sh
*.gumgum.com
Amazon		 2021-06-05 -
2022-07-04		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
*.ads.yieldmo.com
Amazon		 2021-01-18 -
2022-02-15		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2021-07-14 -
2022-06-27		 a year crt.sh
*.owneriq.net
GeoTrust RSA CA 2018		 2021-01-29 -
2022-02-02		 a year crt.sh
*.technoratimedia.com
DigiCert SHA2 High Assurance Server CA		 2020-07-28 -
2021-10-01		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-01 -
2021-09-30		 a year crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2021-05-18 -
2022-06-19		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-16 -
2021-10-06		 2 months crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-06-27 -
2021-09-24		 3 months crt.sh
loopme.me
R3		 2021-07-11 -
2021-10-09		 3 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-29 -
2021-09-22		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh

This page contains 39 frames:

Primary Page: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Frame ID: 2AF145ED5AFE856367A1D385EA7A23E1
Requests: 122 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.16200482561582885
Frame ID: 9BAA61B655FF8E1DBAACFC5972F050A0
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fwww.neowin.net
Frame ID: 207D78571218CB8C882DFF5F00E7D0A0
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.f88235f49a156f8b4cab34c7bc1a0acc.en.html
Frame ID: 5208E1F6E0F7B12906585F667D3D6996
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.f88235f49a156f8b4cab34c7bc1a0acc.en.html
Frame ID: FE92DF941F95B989D87162598CBAAC32
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: F8C63137E6A407FC2718477DF90C9136
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.8/plugins/like.php?action=like&app_id=141241332490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df15fa583351782c%26domain%3Dwww.neowin.net%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.neowin.net%252Ff34fda86b69d314%26relation%3Dparent.parent&container_width=128&href=https%3A%2F%2Fwww.facebook.com%2Fneowin&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=true
Frame ID: AC8F0E925DA8D1C14CA367DCF868D810
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.8/plugins/like.php?action=like&app_id=141241332490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1a0661a1806f94%26domain%3Dwww.neowin.net%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.neowin.net%252Ff34fda86b69d314%26relation%3Dparent.parent&container_width=760&href=https%3A%2F%2Fwww.facebook.com%2Fneowin&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=large
Frame ID: 6ADB93AE5AEA1B93E3A50643F840BAF4
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&dcc=t
Frame ID: E1A09EB5194C50F45C238D4524642E94
Requests: 1 HTTP requests in this frame

Frame: https://stags.bluekai.com/site/30629?ret=html&phint=site%3Dneowin.net&phint=referer%3Dhttps%3A%2F%2Fwww.neowin.net%2Fnews%2Fcisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products%2F%3Futm_source%3Dfeedburner%5Cu0026utm_medium%3Dfeed%5Cu0026utm_campaign%3DFeed%253A%2Bneowin-main%2B%2528Neowin%2BNews%2529&phint=bbseg%3D6918&phint=bbseg%3D1100038&phint=bbseg%3D6929&phint=bbseg%3D1100693&phint=bbseg%3D900248&phint=bbseg%3D7455&phint=bbseg%3D6816&phint=bbseg%3D6817&phint=bbseg%3D900255&phint=bbseg%3D6819&phint=bbseg%3D6821&phint=bbseg%3D6823&phint=bbseg%3D900263&phint=bbseg%3D6825&phint=bbseg%3D6953&phint=bbseg%3D6828&phint=bbseg%3D1100077&phint=bbseg%3D6833&phint=bbseg%3D6834&phint=bbseg%3D6837&phint=bbseg%3D6840&phint=bbseg%3D6841&phint=bbseg%3D900152&phint=bbseg%3D900281&phint=bbseg%3D6844&phint=bbseg%3D6845&phint=bbseg%3D6846&phint=bbseg%3D900157&phint=bbseg%3D6848&phint=bbseg%3D900282&phint=bbseg%3D900285&phint=bbseg%3D1100101&phint=bbseg%3D8006&phint=bbseg%3D900169&phint=bbseg%3D900307&phint=bbseg%3D900185&phint=bbseg%3D900313&phint=bbseg%3D900315&phint=bbseg%3D6890&phint=bbseg%3D900331&phint=bbseg%3D900333&phint=bbseg%3D900207&phint=__bk_t%3DCISA%3A%20BadAlloc%20vulnerability%20can%20lead%20to%20remote%20code%20execution%20in%20BlackBerry%20products%20-%20Neowin&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Fwww.neowin.net%2Fnews%2Fcisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products%2F%3Futm_source%3Dfeedburner%5Cu0026utm_medium%3Dfeed%5Cu0026utm_campaign%3DFeed%253A%2Bneowin-main%2B%2528Neowin%2BNews%2529&phint=__bk_v%3D3.1.10&limit=10&r=56108329
Frame ID: 4FA4DAAA0C06651A4266B8300A0827D5
Requests: 1 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: B59C02EB05321E3ECCDDBEDE4CAF95C9
Requests: 3 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Frame ID: 650268487913AB0224CED25BC1E0EAA9
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Frame ID: 5B729AB8D50AE70E46E5490FAA573A2E
Requests: 16 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: C8E537C865AED8807DED37081B2D68D9
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Frame ID: 8B7E4D30CBBCF3A76C8C632AB05BCE22
Requests: 20 HTTP requests in this frame

Frame: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Frame ID: A286E92F4F89780EBEFA1A76A3EC56B7
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Frame ID: 86337182445D10F7BB5EB31EC95EF745
Requests: 12 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-LjtWIsh1l2P7etb.0hRkY65c1qA4oEI-&
Frame ID: 9E9440C23446E74CC5F8C05C13BCD9DC
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: CE66162FADE98EB4220FC854D97E4F1E
Requests: 7 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?id=859604984714825888&ex=appnexus.com
Frame ID: 4768335063088B267FAAF3CCF2B8079A
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=2556842029699953157
Frame ID: 5C615C4752C68C6A65C784A9A4D0F934
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 7B069B0DC70BE323536282129AA783B4
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=ttd&i=0e66e1eb-3c4d-4110-bc2c-c373a815ec37&t=1632316760
Frame ID: 52EC29ECF75B413148AC7E36904B8CC0
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 663522016A249CBD77B7C171DC938578
Requests: 3 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=e7736123-a059-4c00-986e-20c6c9eb3843&gdpr=&gdpr_consent=
Frame ID: F466B61F8C26427DF2B81CA2533058D9
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=atm&i=YSOgWAADul_r0wBg&gdpr=&gdpr_consent=&_test=YSOgWAADul_r0wBg
Frame ID: 693C5EF460C44C5FE268504332523A6D
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8zYmRiMTU2ZS0xYmU2LTQ4NjQtYjBhMy02ZjM2ZjI2NDU2NjU=&gdpr=&gdpr_consent=&google_tc=
Frame ID: EEA28D51AC145BB5764A8950DB9418A0
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Frame ID: ED44ACED7CD2122207BE4E1779793F3D
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: 495B9693A2DD774A0FBA86579631CF07
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YSOgWsCo8YwAAKujEkgAAAAA
Frame ID: 2DB8E4BB2D16EBC909C3F10FDC3C4749
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=zet&i=1875819622167230104
Frame ID: 67F1CDB20252CB63132AEE43DE0530C9
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=U6FFbbhMTjMbI9wydS6c&pi=gumgum&tc=1
Frame ID: E11AE3B3BAF0A8674F8FACA9AA7AC3DD
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=76F19426-D48C-4CB3-9721-733FBD7FD1FA
Frame ID: F9A9E5A5117BAC6D75E077E6B9E1126E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3657752412482624222
Frame ID: 7D8BED3C7B4E83FD8BD682D31C6890F3
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 194D972A2F2240FCC25FEA2611C4D0F4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6999614567174961291
Frame ID: DCBCAD89865359D0E385A909611A7735
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAD1hU7CR0EAACG2wnUgdw
Frame ID: 66E5DEFE52EC803028294D2EBF9E7233
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
Frame ID: 36D5D3CB14BF412D716ACE0A628271F8
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?id=76F19426-D48C-4CB3-9721-733FBD7FD1FA&ex=pubmatic.com
Frame ID: 92CBE3D11B152BC6D2C532504EEC8596
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

CISA: BadAlloc vulnerability can lead to remote code execution in BlackBerry products - Neowin

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /\.quantserve\.com\/quant\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/\/platform\.twitter\.com\/widgets\.js/i
Overall confidence: 100%
Detected patterns
  • html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
  • script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

224
Requests

100 %
HTTPS

25 %
IPv6

83
Domains

124
Subdomains

88
IPs

11
Countries

1824 kB
Transfer

3961 kB
Size

12
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://www.neowin.net/images/orion/sprite.png HTTP 301
  • https://cdn.neow.in/news/images/orion/sprite.png
Request Chain 19
  • https://www.neowin.net/images/orion/social-white.png HTTP 301
  • https://cdn.neow.in/news/images/orion/social-white.png
Request Chain 50
  • https://www.neowin.net/images/orion/darkside-theme.png HTTP 301
  • https://cdn.neow.in/news/images/orion/darkside-theme.png
Request Chain 59
  • https://secure-us.imrworldwide.com/v60.js HTTP 301
  • https://cdn-gl.imrworldwide.com/v60.js
Request Chain 65
  • https://r.skimresources.com/api/ HTTP 307
  • https://r.skimresources.com/api/?xguid=01FDSJMMQ5REWBZVP1G5F4Z8GG&persistence=1&checksum=23b4e00818f6b8d26e82903d6bee326b7a323db4f9502413c20d5e15a443a11c
Request Chain 71
  • https://sb.scorecardresearch.com/b?c1=8&c2=6036316&c3=1&ns__t=1629724758776&ns_c=UTF-8&cv=3.5&c8=CISA%3A%20BadAlloc%20vulnerability%20can%20lead%20to%20remote%20code%20execution%20in%20BlackBerry%20products%20-%20Neowin&c7=https%3A%2F%2Fwww.neowin.net%2Fnews%2Fcisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products%2F%3Futm_source%3Dfeedburner%5Cu0026utm_medium%3Dfeed%5Cu0026utm_campaign%3DFeed%253A%2Bneowin-main%2B%2528Neowin%2BNews%2529&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=8&c2=6036316&c3=1&ns__t=1629724758776&ns_c=UTF-8&cv=3.5&c8=CISA%3A%20BadAlloc%20vulnerability%20can%20lead%20to%20remote%20code%20execution%20in%20BlackBerry%20products%20-%20Neowin&c7=https%3A%2F%2Fwww.neowin.net%2Fnews%2Fcisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products%2F%3Futm_source%3Dfeedburner%5Cu0026utm_medium%3Dfeed%5Cu0026utm_campaign%3DFeed%253A%2Bneowin-main%2B%2528Neowin%2BNews%2529&c9=
Request Chain 110
  • https://syndication.twitter.com/i/jot HTTP 302
  • https://platform.twitter.com/jot.html
Request Chain 122
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&dcc=t
Request Chain 126
  • https://secure-us.imrworldwide.com/cgi-bin/m?rnd=1629724759705&ci=ziffdavis&js=1&cg=0&ts=2728X590260.skimlinks.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.neowin.net%2Fnews%2Fcisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products%2F%3Futm_source%3Dfeedburner%5Cu0026utm_medium%3Dfeed%5Cu0026utm_campaign%3DFeed%253A%2Bneowin-main%2B%2528Neowin%2BNews%2529&sr=1600x1200&tz=2 HTTP 302
  • https://secure-us.imrworldwide.com/cgi-bin/m?rnd=1629724759705&ci=ziffdavis&js=1&cg=0&ts=2728X590260.skimlinks.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.neowin.net%2Fnews%2Fcisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products%2F%3Futm_source%3Dfeedburner%5Cu0026utm_medium%3Dfeed%5Cu0026utm_campaign%3DFeed%253A%2Bneowin-main%2B%2528Neowin%2BNews%2529&sr=1600x1200&tz=2&ja=1
Request Chain 134
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 138
  • https://ups.analytics.yahoo.com/ups/58252/sync?redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58252/sync?redir=true&verify=true HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-LjtWIsh1l2P7etb.0hRkY65c1qA4oEI-&
Request Chain 140
  • https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=appnexus.com HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=859604984714825888&ex=appnexus.com
Request Chain 141
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=2556842029699953157
Request Chain 143
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=G1VyZUxUdWEAASE0HFJtbkhTcDMAAXU0HlWpES4-
Request Chain 144
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1593776517218906470
Request Chain 146
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MWE5YWMyZTUtM2EzZC02ZTQxLTU0NjgtNWQzY2ZkNzZhNzMz HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MWE5YWMyZTUtM2EzZC02ZTQxLTU0NjgtNWQzY2ZkNzZhNzMz&google_tc=
Request Chain 147
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENN-UmbcZQDhF8qaBrEuPVA&google_cver=1
Request Chain 150
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YSOgV5BepE9BVEpW3Ac6KQAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YSOgV5BepE9BVEpW3Ac6KQAA&google_tc= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEA-4PRVvpe8zM4IirhlSbMA&google_cver=1
Request Chain 152
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YSOgV5BepE9BVEpW3Ac6KQAABMIAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YSOgV5BepE9BVEpW3Ac6KQAABMIAAAAB&gdpr_consent=&us_privacy=&gdpr=&google_tc= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEB3MHnQHvZi55RY3dUW6eDQ&google_cver=1
Request Chain 154
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6830111631680561332&uid=Q6830111631680561332&ref=%2Feucm%2Fp%2Fcc HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 155
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=bbe84e1f-44a8-4ddd-9137-eb828e6d2f7b HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=bbe84e1f-44a8-4ddd-9137-eb828e6d2f7b&C=1
Request Chain 156
  • https://d.adroll.com/cm/index/ssp HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 157
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=875739029275941960
Request Chain 159
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://rtb.gumgum.com/usersync?b=apn&i=859604984714825888
Request Chain 160
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_3bdb156e-1be6-4864-b0a3-6f36f2645665&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_3bdb156e-1be6-4864-b0a3-6f36f2645665&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&gdpr=0&user_id=XiqZmwkrnp9FfsrKWS2GkA0sm81Ffp7KWypbjFbj HTTP 302
  • https://rtb.gumgum.com/usersync?b=bsw&i=3b953ccc-ee6f-48d0-9aba-3b53ac2ac1bf
Request Chain 161
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=sta&i=0-c439e774-0d14-4f42-4cbc-bd84ff044cd1$ip$185.236.201.227
Request Chain 162
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_3bdb156e-1be6-4864-b0a3-6f36f2645665&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb.gumgum.com/usersync?b=zem&i=
Request Chain 163
  • https://sync.1rx.io/usersync2/floor6&gdpr=&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8106674420 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/0e66e1eb-3c4d-4110-bc2c-c373a815ec37 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-a444756f-c433-4a6e-9f61-7c0e574aa2c4-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-a444756f-c433-4a6e-9f61-7c0e574aa2c4-003 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-a444756f-c433-4a6e-9f61-7c0e574aa2c4-003
Request Chain 164
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=E1PYpITPqrTQ&ev=1&pid=558355
Request Chain 165
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28RxIeqFMdYH12qXwbUpf7vsJ5oHRlToAYMkd7F4cgPf7e_I1_ksswvSUVurF63B8j%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28RxIeqFMdYH12qXwbUpf7vsJ5oHRlToAYMkd7F4cgPf7e_I1_ksswvSUVurF63B8j%29
Request Chain 166
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=opx&i=c1c8b55f-db5f-08b3-26f3-1768ffc46815
Request Chain 167
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=oth&i=y-YKTp4GtE2pdB4bdPC6d6hRbGMhOFVpXdSRA0~A
Request Chain 168
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=vnt&i=bb99d256-0414-11ec-95ae-1720138fb780
Request Chain 171
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=idi&i=875e5931-4f65-441c-aaaf-30565c6fc020
Request Chain 172
  • https://ssbsync.smartadserver.com/api/sync?callerId=15 HTTP 302
  • https://rtb.gumgum.com/usersync?b=sad&i=3919333717120786211&gdpr=1&gdpr_consent=
Request Chain 175
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=ttd&i=0e66e1eb-3c4d-4110-bc2c-c373a815ec37&t=1632316760
Request Chain 176
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 177
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://rtb.gumgum.com/usersync?b=mmh&i=e7736123-a059-4c00-986e-20c6c9eb3843&gdpr=&gdpr_consent=
Request Chain 178
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=YSOgWAADul_r0wBg HTTP 302
  • https://rtb.gumgum.com/usersync?b=atm&i=YSOgWAADul_r0wBg&gdpr=&gdpr_consent=&_test=YSOgWAADul_r0wBg
Request Chain 179
  • https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8zYmRiMTU2ZS0xYmU2LTQ4NjQtYjBhMy02ZjM2ZjI2NDU2NjU=&gdpr=&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8zYmRiMTU2ZS0xYmU2LTQ4NjQtYjBhMy02ZjM2ZjI2NDU2NjU=&gdpr=&gdpr_consent=&google_tc=
Request Chain 182
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=sus&i=YSOgWsCo8YwAAKujEkgAAAAA
Request Chain 183
  • https://p.rfihub.com/cm?pub=42796&in=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=zet&i=1875819622167230104
Request Chain 184
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rth&i=U6FFbbhMTjMbI9wydS6c&pi=gumgum&tc=1
Request Chain 187
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=a9eu HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=KSOO1LDG-1R-8IZ0&ex=d-rubiconproject.com&status=ok
Request Chain 188
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/wMu1CYONTYjscMaOSikYKMn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5612559707678500003
Request Chain 189
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YSOgWAADuoer0gBg
Request Chain 192
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KSOO1LDG-1R-8IZ0&sigv=1&esig=2~dc3b6e3629c6112ff3991101b2c457ff502691d8
Request Chain 193
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=9e366123-a059-4000-a224-6181ed2618e7
Request Chain 194
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NPTzFMREctMVItOElaMA== HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NPTzFMREctMVItOElaMA==&google_tc=
Request Chain 195
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&google_tc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMrBF0oCsYetfGaamCVGs7o&google_cver=1
Request Chain 199
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=mag&i=KSOO1LDG-1R-8IZ0
Request Chain 201
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3657752412482624222
Request Chain 203
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6999614567174961291
Request Chain 204
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEMWhVN0NSMEVBQUNHMnduVWdkdw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEMWhVN0NSMEVBQUNHMnduVWdkdw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1&google_tc= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAD1hU7CR0EAACG2wnUgdw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAD1hU7CR0EAACG2wnUgdw&pid=558502&do=add HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAD1hU7CR0EAACG2wnUgdw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=178201547701886965 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAD1hU7CR0EAACG2wnUgdw
Request Chain 207
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=dvGUJtSMTLOXIXM_vX_R-g%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 208
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=9e366123-a059-4000-a224-6181ed2618e7
Request Chain 209
  • https://pixel.onaudience.com/?partner=214&mapped=76F19426-D48C-4CB3-9721-733FBD7FD1FA HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=d1e2716815eb8a1ef067eed891b2a4a9 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=9dd5e08d-54d8-4c35-93b9-3c8d6d8bc9c5&icm HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=ba5c19647ae113b0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=6f5dc40e-451d-4414-6275-a923d581746f&reqId=e7081e2f-e225-497a-69c6-886f62f1f2de&zcluid=ba5c19647ae113b0&zdid=1332 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=6f5dc40e-451d-4414-6275-a923d581746f&reqId=e7081e2f-e225-497a-69c6-886f62f1f2de&zcluid=ba5c19647ae113b0&zdid=1332&google_tc= HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEHCHroe3Or7Eqnw8VwEXeHE&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=6f5dc40e-451d-4414-6275-a923d581746f&reqId=e7081e2f-e225-497a-69c6-886f62f1f2de&zcluid=ba5c19647ae113b0&zdid=1332
Request Chain 210
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1593966782891687298
Request Chain 211
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:9e366123-a059-4000-a224-6181ed2618e7&gdpr=0&gdpr_consent=
Request Chain 212
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0e66e1eb-3c4d-4110-bc2c-c373a815ec37
Request Chain 213
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHcDxE2mhWNNswrD_8WrcvE&google_cver=1
Request Chain 214
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=859604984714825888&gdpr=0&gdpr_consent=
Request Chain 215
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=76F19426-D48C-4CB3-9721-733FBD7FD1FA&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-CcVLtKJE2uVWJ576FomaCNVLcBJTLq8-~A&gdpr=0&gdpr_consent=
Request Chain 217
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=x1bvzpBX6MrcAryfwFHwxZRQ7ZjcAuifwlZItypN
Request Chain 218
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=pubmatic&g=1&gdpr_pd=&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=pubmatic HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=193&user_id=&expires=1&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=36611500-e81b-4a16-9d70-5ce1a094ebf3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 219
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YSOgWAADul_r0wBg&gdpr=0&gdpr_consent=
Request Chain 220
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3573573863698190463&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 222
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:5e780eec-b73f-4d18-ae44-1b55ac73a73b&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 223
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=e7fe00a3-979e-47a7-887f-5236aa5bfab7-6123a05c-4348&gdpr=0&gdpr_consent=

224 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/ 		60 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.10.17.165 Tonbridge, United Kingdom, ASN60610 (EVEREST-AS, GB),
Reverse DNS
web4.rdg.neow.in
Software
nginx /
Resource Hash
5da2153040772f13ecd9c2504e439f877264f3cff9f7065e13571dcd43e6b062
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
www.neowin.net
:scheme
https
:path
/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

server
nginx
date
Mon, 23 Aug 2021 13:19:18 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
set-cookie
ips4_IPSSessionFront=ce4rpp6g53k8ti997rn3n1ir71; path=/; secure; HttpOnly viewData=H4sIAAAAAAAAA4tWMjIytLAwUIoFAG8mhgsKAAAA; expires=Wed, 22-Sep-2021 13:19:18 GMT; Max-Age=2592000; path=/; domain=.neowin.net
x-server-name
web4.rdg.neow.in
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-frame-options
SAMEORIGIN
content-encoding
gzip
orion.min.css
www.neowin.net/css/orion/ 		228 KB
45 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.neowin.net/css/orion/orion.min.css?ver=e6d7005
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.10.17.165 Tonbridge, United Kingdom, ASN60610 (EVEREST-AS, GB),
Reverse DNS
web4.rdg.neow.in
Software
nginx /
Resource Hash
603d4933b5b4daac1429f4b6e4a0ca6e52c51acbff63991b375f315936d73ebb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

:path
/css/orion/orion.min.css?ver=e6d7005
pragma
no-cache
cookie
ips4_IPSSessionFront=ce4rpp6g53k8ti997rn3n1ir71; viewData=H4sIAAAAAAAAA4tWMjIytLAwUIoFAG8mhgsKAAAA
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.neowin.net
referer
https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:19:18 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Sun, 15 Aug 2021 15:58:40 GMT
x-server-name
web4.rdg.neow.in
etag
W/"611939b0-39091"
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=31536000
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
nginx
expires
Tue, 23 Aug 2022 13:19:18 GMT
css
fonts.googleapis.com/ 		9 KB
850 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700&display=swap
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4e4849329855f04b847b923fc72de03af0d9ab0c7d38e6dee9e92d84f5d33d6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 23 Aug 2021 13:10:37 GMT
server
ESF
date
Mon, 23 Aug 2021 13:19:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 23 Aug 2021 13:19:18 GMT
choice.js
quantcast.mgr.consensu.org/choice/SgN3NPpAChpt2/www.neowin.net/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/choice/SgN3NPpAChpt2/www.neowin.net/choice.js
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:da00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9a0d8323395438a027eea7f39a03d97690ca19e5608eee69ec73fcce56860232

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 23 Aug 2021 13:18:48 GMT
content-encoding
br
last-modified
Thu, 15 Apr 2021 15:51:38 GMT
server
AmazonS3
age
43
etag
W/"5bb669d110e9ea90adbeeb39efd3e105"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 eb7b239aed47669f8a7b6ac95bc8aff1.cloudfront.net (CloudFront)
cache-control
max-age=900
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
cMu8GRGFWEmzQao61qRpTGtBLW2n6SXrdombz7IvAFhTGZuKv6XrXA==
atag.js
cdn.adt567.net/ 		39 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adt567.net/atag.js?as=1632487396
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-110.fra2.r.cloudfront.net
Software
/
Resource Hash
761d580b2c335ceb4b3e26b152cd788619a5e849b176883427acee378b0efe11

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:01:53 GMT
content-encoding
gzip
age
3388
etag
"8D2B330ED534BAC75D065DD28B6EE9FF"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=900, s-maxage=10800
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
7524
via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
x-amz-cf-id
u1fMtDZf-Ro0EzokH1VEoidCkfUJx-q-ocEakAFiUyEZCY5EkWU5gg==
x-cache-hits
2
widget.js
widgets.stackcommerce.com/js-deal-feed/0.1/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.stackcommerce.com/js-deal-feed/0.1/widget.js
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-69.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4cdd8915b932a7542577e40be604465a2362ab1db586216d1c5bf77b92f17a9e

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:02:33 GMT
content-encoding
gzip
last-modified
Mon, 27 Mar 2017 18:58:24 GMT
server
AmazonS3
age
1193
etag
W/"a3fefcff117106b2ebe4c2729e7cf7b9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a2037d86ccb1a548f20827ebd95a65f3.cloudfront.net (CloudFront)
cache-control
max-age=7200
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
aJHgKYsMEY5Te1FueDkc8GHm9GQzME9763tGzYN5hksZNTk1CSd5gw==
neowin.net.js
cdn.nsstatic.net/ns/ 		448 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.nsstatic.net/ns/neowin.net.js
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.27.92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-27-92.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
de55d20e82f2b29e90f7764a0aaab948eed2ae066fcd287cc79fd4466929c06d

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
mlAAtcOM67ItIjB0.FcsjzSbPjzDjJ8c
content-encoding
gzip
last-modified
Fri, 06 Aug 2021 21:20:50 GMT
x-amz-request-id
6ERHQJHBADPXY0R4
etag
"ff3c70f348cd96370ab4ac3587b73379"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2314
date
Mon, 23 Aug 2021 13:19:18 GMT
x-amz-replication-status
PENDING
accept-ranges
bytes
content-length
143630
x-amz-id-2
GHfG83Yei0L21wFRqD5xX7Ndjj2Ev9jk6xUocJlr78QenpYjtsh4ndVaJUc6uW6S+r8F9tSk/MA=
expires
Mon, 23 Aug 2021 13:57:52 GMT
blackberry-oslo-logo_story.jpg
cdn.neow.in/news/images/uploaded/2015/06/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.neow.in/news/images/uploaded/2015/06/blackberry-oslo-logo_story.jpg
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3c00:0:89cb:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5112c6ee3e859c7c5c482b1160cae49d6d0db6c6083da8ffa8d6afcad3dd61b5

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 08:05:22 GMT
via
1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
last-modified
Mon, 26 Dec 2016 08:19:45 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:501/gname:development/uname:neowin/gid:506/mode:33188/mtime:1454759120/atime:1454759120/md5:c997389dacc8eb12340b1d2a852a8d7a/ctime:1482711495
age
450837
etag
"c997389dacc8eb12340b1d2a852a8d7a"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
51753
x-amz-cf-id
GN2ANJFAeqrue72HenxawpULvgWXPulUwlRBGAETY_r8eogl03URgQ==
1629374272_back_to_school_promo_mediump.jpg
cdn.neow.in/news/images/uploaded/2021/08/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.neow.in/news/images/uploaded/2021/08/1629374272_back_to_school_promo_mediump.jpg
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3c00:0:89cb:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c06581b3e6b037d58efe06c7b007aaa5fd40c823e7fa9a581701f3ef947da51a

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 19 Aug 2021 11:58:43 GMT
via
1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
last-modified
Thu, 19 Aug 2021 11:57:56 GMT
server
AmazonS3
age
350436
etag
"f61309eda17f405dc101e89c5fe313c5"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
33366
x-amz-cf-id
6RweJhjB5jIs_soGMvbnMvqFw-98EPS6Ir6GVoZLPSOTU45DDTHnsw==
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Origin
https://www.neowin.net
Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:19:18 GMT
content-encoding
gzip
last-modified
Tue, 02 Mar 2021 17:27:20 GMT
server
nginx
etag
W/"603e7578-15d9d"
vary
Accept-Encoding
x-hw
1629724758.dop001.fr8.t,1629724758.cds218.fr8.hc,1629724758.cds144.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
highlight.min.js
cdnjs.cloudflare.com/ajax/libs/highlight.js/10.7.2/ 		132 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/highlight.js/10.7.2/highlight.min.js
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c3bb686cf87c692323c53cdc32528edc686417d44700afd32888b39349f18c5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:19:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
676972
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
34275
timing-allow-origin
*
last-modified
Sun, 04 Apr 2021 20:22:06 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"606a1fee-21184"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rJQ7LeaTw4kKBikAJzipX067tUiCmmtpGlYzfH%2B7D3h%2BMy2gX68wTFFaeZn52LGYm9DRYY9MUGsIrHInNZ8MP3VLqpqJMhy1KQtDJxmTzuFXeh7%2FB6ohLoeYLSuPcwux8OLrAHbEjz7QlG2CFTu5VHlf"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6834a1bbf8ac16e6-FRA
expires
Sat, 13 Aug 2022 13:19:18 GMT
scripts.min.js
www.neowin.net/js/orion/ 		155 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.neowin.net/js/orion/scripts.min.js?ver=e6d7005
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.10.17.165 Tonbridge, United Kingdom, ASN60610 (EVEREST-AS, GB),
Reverse DNS
web4.rdg.neow.in
Software
nginx /
Resource Hash
b6ab7ceb858b9c591f8d6fd6ddc631ddb3f622ed67fe5663d459dfd9d549e9ff
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

:path
/js/orion/scripts.min.js?ver=e6d7005
pragma
no-cache
cookie
ips4_IPSSessionFront=ce4rpp6g53k8ti997rn3n1ir71; viewData=H4sIAAAAAAAAA4tWMjIytLAwUIoFAG8mhgsKAAAA
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.neowin.net
referer
https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:19:18 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Sat, 21 Aug 2021 17:01:35 GMT
x-server-name
web4.rdg.neow.in
etag
W/"6121316f-26a47"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=31536000
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
nginx
expires
Tue, 23 Aug 2022 13:19:18 GMT
platform.js
apis.google.com/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
scroll.js
static.scroll.com/js/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.scroll.com/js/scroll.js
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
01522e70e4807e89bf3303d4f2e01fb141b4ce91dba4023d23794e255028ed9e

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:19:18 GMT
content-encoding
gzip
age
43180
x-guploader-uploadid
ADPycduAlWqEV0MKdiy8BAJGp_W_5gJ5OTZ5S21LZzvqCAtBA3fa0JyKZsXuRUYGl8HrsfKl03HbWNqM4ctm--l3pBOyZDp4fQ
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
6459
x-served-by
cache-fra19161-FRA
last-modified
Thu, 25 Feb 2021 20:29:37 GMT
server
UploadServer
x-timer
S1629724758.473946,VS0,VE0
etag
"334dd94887922f13e29acca6ed203eb7"
vary
Origin
x-goog-hash
crc32c=kcQgZA==, md5=M03ZSIeSLxPimsym7SA+tw==
x-goog-generation
1614284976930081
via
1.1 varnish
expires
Thu, 05 Aug 2021 01:19:32 GMT
cache-control
public, max-age=0, s-maxage=86400
access-control-allow-credentials
true
x-goog-stored-content-length
6459
accept-ranges
bytes
content-type
application/javascript
x-scrolljs
3
x-cache-hits
8998
neowin.js
knl.mntzrlt.net/widget/code/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://knl.mntzrlt.net/widget/code/neowin.js
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.196.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-196-31.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2f10e00c3d8e89e458017a5383cc4ab4aa39567a222c7ef0ef0990e278e88927

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
nOT8f1H4gkpawf5y_mFpYzX.UKor3UZP
content-encoding
gzip
last-modified
Fri, 12 Jun 2020 15:28:23 GMT
server
AmazonS3
age
1143
etag
W/"da203943a9345f532809372f57712e56"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
cache-control
max-age=3600
date
Mon, 23 Aug 2021 13:00:16 GMT
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
EfhWoM7f4JYW6BWf7qiZ7Irc01887uL0IhEPmuN81P73pGgRth1xNw==
2728X590260.skimlinks.js
s.skimresources.com/js/ 		69 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.skimresources.com/js/2728X590260.skimlinks.js
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e5bed23fd14a3a91bd05416552192286c4bfa2bce09805338004d7ad1fbfec3e

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:19:18 GMT
content-encoding
gzip
last-modified
Mon, 23 Aug 2021 09:40:39 GMT
server
AmazonS3
x-amz-request-id
4KVD26K86JNPYPDV
etag
"28d6246f8e0512347306143f9ec03c2a"
x-hw
1629724758.cds133.fr8.hn,1629724758.cds216.fr8.c
content-type
application/octet-stream
cache-control
max-age=3600
accept-ranges
bytes
content-length
25540
x-amz-id-2
cluusGWyBl6LAdUliLh3u0ozx5sx+N4LTzreno2J917NuqaZeJTEPIjn5uPCO5YM
quant.js
secure.quantserve.com/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/SgN3NPpAChpt2/www.neowin.net/choice.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.189 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
95b17ad661699c049d42195b8ccd1d855045a1fcfbd20d8609a6d87fa5703810

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:19:18 GMT
content-encoding
gzip
etag
"lp772EpWKwf8Kq7YKMhbuw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Mon, 30 Aug 2021 13:19:18 GMT
cmp2.js
quantcast.mgr.consensu.org/tcfv2/ 		178 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.neowin.net
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/SgN3NPpAChpt2/www.neowin.net/choice.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:da00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
50620886c101862d378bb6aafe054417e7b0b8a0892b55e15fbf0f745936a797

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:19:14 GMT
content-encoding
gzip
age
4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
access-control-allow-origin
*
last-modified
Thu, 29 Jul 2021 15:24:18 GMT
server
AmazonS3
etag
W/"b1b5d6c1aaffca164d90c41bda6397b2"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
via
1.1 eb7b239aed47669f8a7b6ac95bc8aff1.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-meta-qc-ineu
True
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
zTkBa8XUpQ7QR5VMnJh1_Co3kQ-NaBRvkQWotjIaaXyw7c21t_jigg==
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
337
date
Mon, 23 Aug 2021 13:13:41 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Mon, 23 Aug 2021 15:13:41 GMT
sprite.png
cdn.neow.in/news/images/orion/
Redirect Chain
  • https://www.neowin.net/images/orion/sprite.png
  • https://cdn.neow.in/news/images/orion/sprite.png
85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.neow.in/news/images/orion/sprite.png
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/css/orion/orion.min.css?ver=e6d7005
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3c00:0:89cb:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
31cc3abe0ccc58832b033d98b03262bf538cd5a850e3b57612151d5282bb07f3

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 00:19:53 GMT
via
1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
last-modified
Fri, 19 Jul 2019 17:29:30 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:501/gname:development/uname:neowin/gid:506/mode:33204/mtime:1538737166/atime:1538737166/md5:e8e2f46ae6c64bd8350d9ae4d1860f1c/ctime:1538737166
age
10155566
etag
"e8e2f46ae6c64bd8350d9ae4d1860f1c"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=315569520
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
86848
x-amz-cf-id
thNkZ54_IbMunDMxmgD1ar3LSJ8vDx8Kehjj-wOhXIu94IOWsUNAIA==

Redirect headers

date
Mon, 23 Aug 2021 13:19:18 GMT
x-server-name
web4.rdg.neow.in
x-frame-options
SAMEORIGIN
content-type
text/html
location
https://cdn.neow.in/news/images/orion/sprite.png
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
162
server
nginx
social-white.png
cdn.neow.in/news/images/orion/
Redirect Chain
  • https://www.neowin.net/images/orion/social-white.png
  • https://cdn.neow.in/news/images/orion/social-white.png
19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.neow.in/news/images/orion/social-white.png
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/css/orion/orion.min.css?ver=e6d7005
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3c00:0:89cb:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6d7e550df7f93b38ecd55cbacaf782a76d5a38a810f95c0c06b023954b73965f

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 15 Aug 2021 14:53:54 GMT
via
1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
last-modified
Sun, 15 Aug 2021 14:51:58 GMT
server
AmazonS3
age
685525
etag
"157a536918b4fb86612da1b1e4ea9c66"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
19651
x-amz-cf-id
rlEVUsVUu0KN6x9vcaLVQKJH35pnoMlOIDzQz3OlipIbQGR1soGBvg==

Redirect headers

date
Mon, 23 Aug 2021 13:19:18 GMT
x-server-name
web4.rdg.neow.in
x-frame-options
SAMEORIGIN
content-type
text/html
location
https://cdn.neow.in/news/images/orion/social-white.png
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
162
server
nginx
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v23/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v23/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.neowin.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 00:29:17 GMT
x-content-type-options
nosniff
age
564601
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14440
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:23:25 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 00:29:17 GMT
mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v23/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UNirkOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.neowin.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 00:29:56 GMT
x-content-type-options
nosniff
age
564562
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14956
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:23:40 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 00:29:56 GMT
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v23/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.neowin.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 00:29:56 GMT
x-content-type-options
nosniff
age
564562
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15112
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:23:34 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 00:29:56 GMT
mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
fonts.gstatic.com/s/opensans/v23/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f7216d2f53a731d9749077c22e15cfb38bcdc40806511ccf736f440c7569d64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.neowin.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 00:33:02 GMT
x-content-type-options
nosniff
age
564376
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14992
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:22:57 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 00:33:02 GMT
zerg.js
www.zergnet.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zergnet.com/zerg.js?id=88548
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.22.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-22-207.compute-1.amazonaws.com
Software
nginx /
Resource Hash
d3ac85662add00ea07d0f8db8946e50a2a8c4d403f379c69b5294ad99c252454

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:19:18 GMT
content-encoding
gzip
expires
Mon, 30 Aug 2021 13:19:18 GMT
server
nginx
content-type
application/javascript; charset=UTF-8
zerg.js
www.zergnet.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zergnet.com/zerg.js?id=89006
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.22.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-22-207.compute-1.amazonaws.com
Software
nginx /
Resource Hash
56f727a22e798992fabc9c63625a88ad91bd22b4cd4cc1bfb4a5a5517156756d

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:19:18 GMT
content-encoding
gzip
expires
Mon, 30 Aug 2021 13:19:18 GMT
server
nginx
content-type
application/javascript; charset=UTF-8
1627582940_windows_11_hero_smallp.jpg
cdn.neow.in/news/images/uploaded/2021/07/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.neow.in/news/images/uploaded/2021/07/1627582940_windows_11_hero_smallp.jpg
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3c00:0:89cb:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
431662d41ca41dab60ef2e6e42054bcd7d42ea34336bc92c9ec96c21e9901e0a

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 13:05:34 GMT
via
1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
last-modified
Thu, 29 Jul 2021 18:22:24 GMT
server
AmazonS3
age
1988025
etag
"19e8ceab967420caaeffc15e5a5cd377"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
10845
x-amz-cf-id
5Sf7idM5QMAocFe_IN7Sxjl06kpzlcPPB9I2AFRm_pfxiLlICWWOVg==
1629041147_w11_smallp.jpg
cdn.neow.in/news/images/uploaded/2021/08/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.neow.in/news/images/uploaded/2021/08/1629041147_w11_smallp.jpg
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3c00:0:89cb:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2c0ed6a0b8047c8f410d6ce12819b6af035d37bf6d25546d18937cd749ceac89

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 08:27:41 GMT
via
1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
last-modified
Sun, 15 Aug 2021 15:25:51 GMT
server
AmazonS3
age
276698
etag
"17a63902c6222650c4601c9cca631cad"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
8435
x-amz-cf-id
HgWH1tt60QNs5AQCwwAsI5LY_bMIgTfyk7jz4wToz5QoZxtBAOFmcA==
1629308673_windows_11_insider_preview_iso_1_smallp.jpg
cdn.neow.in/news/images/uploaded/2021/08/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.neow.in/news/images/uploaded/2021/08/1629308673_windows_11_insider_preview_iso_1_smallp.jpg
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3c00:0:89cb:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fd5d57c28747e1e8fbc1dda857edcbe00ecef258f0292171d745517af40b90c2

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 08:31:40 GMT
via
1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
last-modified
Wed, 18 Aug 2021 17:44:43 GMT
server
AmazonS3
age
276459
etag
"31116f1da2c1f5ff9c8ca598549dace1"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
13559
x-amz-cf-id
8CXgqL1iOAzj1fGc7pBz7NOFIBChnkLqrVZZrTdYzUx7dS_LsJHBHg==
1629551217_twirl-27-newsletter_smallp.jpg
cdn.neow.in/news/images/uploaded/2021/08/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.neow.in/news/images/uploaded/2021/08/1629551217_twirl-27-newsletter_smallp.jpg
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3c00:0:89cb:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4f6f8f356a938b1ebe20d35d7e556fe7086cc4032040cd4744721236d2026e84

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 16:13:45 GMT
via
1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
last-modified
Sat, 21 Aug 2021 13:07:01 GMT
server
AmazonS3
age
162334
etag
"4d96e67a5b98180e05082bfe25015f55"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
22445
x-amz-cf-id
hS_--wUxw-vpXqXyWBxW_wh7pBwSKEeOqcC9f8hSiJZoxawIchxEew==
1531260305_screen_shot_2018-07-10_at_3.03.44_pm_small.jpg
cdn.neow.in/news/images/uploaded/2018/07/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.neow.in/news/images/uploaded/2018/07/1531260305_screen_shot_2018-07-10_at_3.03.44_pm_small.jpg
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3c00:0:89cb:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dcf65ea58c77ad703d4bb54404fb73900992f892c84eaaaa4336f5213d2f464f

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 00:47:12 GMT
via
1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
last-modified
Tue, 10 Jul 2018 22:05:11 GMT
server
AmazonS3
age
477127
etag
"5fb538428bc98fc54e1e4b8ab4f32f1f"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
2317
x-amz-cf-id
MUoYdHOhXEVhWEzZ5J2zn987DPJkP_Ec7mBCeJxz_xz3iGi-6OIZFg==
1575303113_t-mobile-nationwide-5g-map_small.jpg
cdn.neow.in/news/images/uploaded/2019/12/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.neow.in/news/images/uploaded/2019/12/1575303113_t-mobile-nationwide-5g-map_small.jpg
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3c00:0:89cb:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
26b2cbb09df7af8f20289b66af160a1b5de48821aa9b01169dad2b418f03784a

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 07:53:54 GMT
via
1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
last-modified
Mon, 02 Dec 2019 16:11:59 GMT
server
AmazonS3
age
451525
etag
"1c281ea30e22619b86ed9c6ba4eab939"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
4067
x-amz-cf-id
dWeK7aK8WNvpKzAaLAiSm28WyZyRY2sjExGWlKm7ss7o2o9pstLPbQ==
1621950386_mac-mini-ports_small.jpg
cdn.neow.in/news/images/uploaded/2021/05/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.neow.in/news/images/uploaded/2021/05/1621950386_mac-mini-ports_small.jpg
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3c00:0:89cb:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2958c71ebe3c1c42c3bbdf4e4cda5173c82ec4289ff5d323cd961ffae93c1225

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 01:20:17 GMT
via
1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
last-modified
Tue, 25 May 2021 13:46:33 GMT
server
AmazonS3
age
43142
etag
"7fd9beac6ca38ca363b56328fdb55068"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
2140
x-amz-cf-id
2ZNA94ecRvvq1AkpcfhVay6WmBvBTmmbWnKlpvlQXFPO2jgM422HIQ==
1629607892_win11-widgets1_small.jpg
cdn.neow.in/news/images/uploaded/2021/08/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.neow.in/news/images/uploaded/2021/08/1629607892_win11-widgets1_small.jpg
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3c00:0:89cb:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
010170e9494761e571d7b5f4ff56b6ba3563849acb610c4d39a40cb18c8c645d

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 08:08:06 GMT
via
1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
last-modified
Sun, 22 Aug 2021 04:51:39 GMT
server
AmazonS3
age
105073
etag
"70901e11ca567eb200ab0ef02967f500"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
4449
x-amz-cf-id
rK0p0q9LR23Jg4wvwSLgacCNcNaKeILKRKfbiIUnud97NzUiX5SlyQ==
1629635612_msw-20210822_small.jpg
cdn.neow.in/news/images/uploaded/2021/08/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.neow.in/news/images/uploaded/2021/08/1629635612_msw-20210822_small.jpg
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3c00:0:89cb:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ed2724fa694861b0147c0138d3a758c585be0c695cd9f1d377b05037d16b6a18

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 12:46:19 GMT
via
1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
last-modified
Sun, 22 Aug 2021 12:33:37 GMT
server
AmazonS3
age
88380
etag
"292443a6c7d62bd6af709275f0959525"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
3845
x-amz-cf-id
rX3LKbg8qsjl6reOu9WFuXVY_tMRT8QIhbRXR7iSYyMegrj5gcgVwg==
1629390095_features_small.jpg
cdn.neow.in/news/images/uploaded/2021/08/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.neow.in/news/images/uploaded/2021/08/1629390095_features_small.jpg
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3c00:0:89cb:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d878f562c11436051aa864b2419af363327b1d093b65928557dd66b83500b2ad

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 19 Aug 2021 17:14:14 GMT
via
1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
last-modified
Thu, 19 Aug 2021 16:21:41 GMT
server
AmazonS3
age
331505
etag
"e6b4dddfd02256890773b1b5379ec1d7"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
2909
x-amz-cf-id
tp2bsWHQOc5EA_M-bLiSPEbiGwCrlAM8Ev8yzyddEVlUETCjKHKNvQ==
1573068170_basilisk_ultimate_medium.jpg
cdn.neow.in/news/images/uploaded/2019/11/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.neow.in/news/images/uploaded/2019/11/1573068170_basilisk_ultimate_medium.jpg
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3c00:0:89cb:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0d64ca26acc000200dc65147608485c4794baf9a62d1258a971cd35771ccd4a3

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 07:57:05 GMT
via
1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
last-modified
Wed, 06 Nov 2019 19:22:54 GMT
server
AmazonS3
age
19334
etag
"51e80b0a552152c5debd4aa699a60a31"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
12984
x-amz-cf-id
ogvZrS1pkeZQOYvn1GwTW41sfMYJbxdURhNX7q7RNw_ln02TnXt77w==
1627925305_windows-365_medium.jpg
cdn.neow.in/news/images/uploaded/2021/08/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.neow.in/news/images/uploaded/2021/08/1627925305_windows-365_medium.jpg
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3c00:0:89cb:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f0ba97b4709c484c0233fcc964a7d4a66f81e39357435001824d5c811ae6a37a

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 17:28:32 GMT
via
1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
last-modified
Mon, 02 Aug 2021 17:28:30 GMT
server
AmazonS3
age
1799447
etag
"dd9fe51a87864a383210e87399c39bd6"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
12702
x-amz-cf-id
l34qtzVTgOUc_WONcknehsFnOy6AP3AlUEp9dPIBYWLwTZZm1IgtmQ==
1488557261_windows-10-hero-wallpaper-2017-01_medium.jpg
cdn.neow.in/news/images/uploaded/2017/03/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.neow.in/news/images/uploaded/2017/03/1488557261_windows-10-hero-wallpaper-2017-01_medium.jpg
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3c00:0:89cb:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
705f5366abf38dbf00c210f0f4cfa0434cd0480a8bfa9619e5a5c75159610cdd

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 19 Aug 2021 06:31:24 GMT
via
1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
last-modified
Fri, 03 Mar 2017 16:09:03 GMT
server
AmazonS3
age
370075
etag
"0b900f84c7109c6d13b0a5a2ae650610"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
9629
x-amz-cf-id
oiXx_Fe_n9zNWOZ8r6vs9j3ymEP2F1tkQ8H0h4biq6nNc75VhUu1Gw==
microsoft-security_medium.jpg
cdn.neow.in/news/images/uploaded/2016/03/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.neow.in/news/images/uploaded/2016/03/microsoft-security_medium.jpg
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3c00:0:89cb:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4984c87f1eec6a753e4575a76d11ae77a06d658d7e8ba702b11c3b37b52a0890

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 26 Jun 2021 02:22:37 GMT
via
1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
last-modified
Sat, 18 Feb 2017 16:01:14 GMT
server
AmazonS3
age
5050602
etag
"2fa97d82f40dc188ee6979f73f79abd5"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
7625
x-amz-cf-id
xI1gWzTH4OaXi0ThwdxoDRwY6B_0WHS2lciqP791Y5XM1TenPlmE8w==
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
44d3228fb5ac93694629d8403e3b0b7bd0676318f6bdf35ce77fc12bfbc19a58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
SCYvE5upt+EnPHUesfIznA==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1689
x-fb-rlafr
0
x-fb-debug
0rtZE4pFSEZ+JrUWLvQgnakmWqz3SbdNRrNzV5rXlbfxWqUdyXqLywHpxPS0Up6Tljsh7VPmC/r9gTNQGM5zMQ==
x-fb-trip-id
686109401
x-fb-content-md5
fb2e26f696f342e8cec019713e0088e0
x-frame-options
DENY
date
Mon, 23 Aug 2021 13:19:18 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"980288691ab4fbd9675bc2ef65643095"
timing-allow-origin
*
priority
u=3,i
expires
Mon, 23 Aug 2021 13:20:54 GMT
widgets.js
platform.twitter.com/ 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67F2) /
Resource Hash
8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 23 Aug 2021 13:19:18 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Age
1014
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Content-Length
28872
x-tw-cdn
VZ
Last-Modified
Mon, 02 Aug 2021 20:34:57 GMT
Server
ECS (frb/67F2)
Etag
"d405b816322f9770c70cbd10cfa87be4+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j92&a=324833163&t=pageview&_s=1&dl=https%3A%2F%2Fwww.neowin.net%2Fnews%2Fcisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products%2F%3Futm_source%3Dfeedburner%5Cu0026utm_medium%3Dfeed%5Cu0026utm_campaign%3DFeed%253A%2Bneowin-main%2B%2528Neowin%2BNews%2529&ul=en-us&de=UTF-8&dt=CISA%3A%20BadAlloc%20vulnerability%20can%20lead%20to%20remote%20code%20execution%20in%20BlackBerry%20products%20-%20Neowin&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1251795332&gjid=119938238&cid=1205619116.1629724759&tid=UA-7094499-1&_gid=288636625.1629724759&_r=1&_slc=1&z=66680256
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:19:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.neowin.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
jquery.ThreeDots.min.js
cdn.rawgit.com/theproductguy/ThreeDots/50f2b38b5dc3f92ff2095e5804e73baf66e5b2b5/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.rawgit.com/theproductguy/ThreeDots/50f2b38b5dc3f92ff2095e5804e73baf66e5b2b5/js/jquery.ThreeDots.min.js
Requested by
Host: widgets.stackcommerce.com
URL: https://widgets.stackcommerce.com/js-deal-feed/0.1/widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
b3aea2998f99cfec50422dd591f08fb0151a3d6460f2b4b8d152118cebdeda56
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:19:18 GMT
content-encoding
br
x-content-type-options
nosniff
cdn-edgestorageid
756
access-control-allow-origin
*
cdn-cachedat
08/11/2021 06:10:12
cdn-pullzone
201235
server
BunnyCDN-DE1-756
rawgit-cache-status
HIT
link
<https://rawgit.com/>; rel="sunset"; title="RawGit will soon shut down. Please stop using it."
cdn-proxyver
1.0
cdn-requestpullcode
200
x-robots-tag
none
vary
Accept-Encoding
sunset
Tue, 01 Oct 2019 00:00:00 GMT
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=2592000
cdn-requestid
539af8db8b00feab6c0a920f1d9c0398
content-type
application/javascript; charset=utf-8
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
jquery.unveil.min.js
cdnjs.cloudflare.com/ajax/libs/unveil/1.3.0/ 		945 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/unveil/1.3.0/jquery.unveil.min.js
Requested by
Host: widgets.stackcommerce.com
URL: https://widgets.stackcommerce.com/js-deal-feed/0.1/widget.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f441839a30400536a7929981076ef3a81faf302fdfef53922dad563c13e8af8
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:19:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
406162
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
429
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:26 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04016-3b1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RQ4XB5%2FhnYstwbWSsP1QJM1iqRKNs6djbST8CvEG2V1ZGN8ToqetFav%2B1BQmAxzsQrd02Kngv%2B%2B8TIbHbJ%2ByIPHK049%2FzBZgkUyGawAmeuuCAmirop2V8zJnNYofadQzRcj9melfZUvuO3aNJIAB26z8"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6834a1bd8b3c4351-FRA
expires
Sat, 13 Aug 2022 13:19:18 GMT
jquery.waypoints.min.js
cdnjs.cloudflare.com/ajax/libs/waypoints/4.0.1/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/waypoints/4.0.1/jquery.waypoints.min.js
Requested by
Host: widgets.stackcommerce.com
URL: https://widgets.stackcommerce.com/js-deal-feed/0.1/widget.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c39ce2883aad8a36c4194dc053127b29efa1677cc12db45e805760c5d9f14d1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:19:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
405919
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
2417
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:51 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb0402f-2281"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yhzRMhgyaJVh%2F1XwLO21H%2BvqoD4gft2Cae1E9cjsE5TL9%2FidfwztsEzvkz42dDvshZQXjMFi3pF1FKJhpGqQq%2BvHhKsu0FKaLE8EFFlacIW%2BbORjjQANihkjNI5xNaICH6O6Q0bpKJUMt%2F8wb7KOa7NW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6834a1bd8b3f4351-FRA
expires
Sat, 13 Aug 2022 13:19:18 GMT
widget.css
widgets.stackcommerce.com/js-deal-feed/0.1/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://widgets.stackcommerce.com/js-deal-feed/0.1/widget.css
Requested by
Host: widgets.stackcommerce.com
URL: https://widgets.stackcommerce.com/js-deal-feed/0.1/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-69.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
18037177fb3b5b24b138a42afeee4cc8a8fa31950cb09161685c2a947e332e4c

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 12:29:51 GMT
content-encoding
gzip
last-modified
Tue, 14 Mar 2017 17:54:41 GMT
server
AmazonS3
age
3004
etag
W/"6ce9ce01ae572250ecedb501e7895100"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 a2037d86ccb1a548f20827ebd95a65f3.cloudfront.net (CloudFront)
cache-control
max-age=7200
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
2Etq9iGnkyBEptfrhwoSbkM-IM6RExL2JmsmrHny2SpHylFhNv1L2g==
robots.txt
t.skimresources.com/api/v2/ Frame 9BAA 		0
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.16200482561582885
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:19:18 GMT
via
1.1 google
server
Python/3.7 aiohttp/3.5.4
alt-svc
clear
content-length
0
content-type
text/plain charset=UTF-8
px.gif
p.skimresources.com/ 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.skimresources.com/px.gif?ch=1&rn=2.011517962804078
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:19:18 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc
clear
content-length
43
content-type
image/gif
px.gif
p.skimresources.com/ 		43 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.skimresources.com/px.gif?ch=2&rn=2.011517962804078
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:19:18 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc
clear
content-length
43
content-type
image/gif
darkside-theme.png
cdn.neow.in/news/images/orion/
Redirect Chain
  • https://www.neowin.net/images/orion/darkside-theme.png
  • https://cdn.neow.in/news/images/orion/darkside-theme.png
1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.neow.in/news/images/orion/darkside-theme.png
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/css/orion/orion.min.css?ver=e6d7005
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3c00:0:89cb:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e6cc91c910f7613382d4b94adf8fe4e292bf4cd72cf8c3ab767167b06fb5b76c

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 16:24:30 GMT
via
1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
age
1284889
x-cache
Hit from cloudfront
content-length
1353
last-modified
Sun, 08 Aug 2021 14:56:47 GMT
server
AmazonS3
etag
"89c6fdb4219953ad457df38f5d6a01b0"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
6vvgzljOyxOAxarXm0G3QWTznpXtqOe7WaoJfG1XuIq67DLzQlCAYQ==

Redirect headers

date
Mon, 23 Aug 2021 13:19:18 GMT
x-server-name
web4.rdg.neow.in
x-frame-options
SAMEORIGIN
content-type
text/html
location
https://cdn.neow.in/news/images/orion/darkside-theme.png
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
162
server
nginx
1629367065_win11-search1_mediump.jpg
cdn.neow.in/news/images/uploaded/2021/08/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.neow.in/news/images/uploaded/2021/08/1629367065_win11-search1_mediump.jpg
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3c00:0:89cb:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7dcac2f73e2ea39db98f19c6cd3c8cbb0d495ad0efb15490ed303c343e9fcbea

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 08:40:10 GMT
via
1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
last-modified
Thu, 19 Aug 2021 09:57:50 GMT
server
AmazonS3
age
275949
etag
"598889f169771dc1f08427045f90b61b"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
34560
x-amz-cf-id
YabrCV2an6LrErgzAAEFukFs5i8AtJyOgtUbsg1CRwS2xdEXZ6MyiA==
1628115943_all-devices-neowin02_mediump.jpg
cdn.neow.in/news/images/uploaded/2021/08/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.neow.in/news/images/uploaded/2021/08/1628115943_all-devices-neowin02_mediump.jpg
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3c00:0:89cb:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
07c71e3cc9af3ecfc208382533fff96ea589dbe72aa1ab7a48673df930e6a834

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 09:10:32 GMT
via
1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
last-modified
Wed, 04 Aug 2021 22:25:49 GMT
server
AmazonS3
age
1310927
etag
"be38d01bf7e9407f55840f41503720d4"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
29848
x-amz-cf-id
0scjaxIyqijXKnP3-33L0Mw890lWifQavZXI6c0iVIo2tzcoIpBgIw==
check
connect.scroll.com/embed/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://connect.scroll.com/embed/check
Requested by
Host: static.scroll.com
URL: https://static.scroll.com/js/scroll.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.100.179 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
179.100.201.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline'; child-src blob:;frame-ancestors https: http:; object-src 'none'; img-src 'self' https://*.scroll.com https://logo-scroll.imgix.net https://u-scroll.imgix.net https://pub-scroll.imgix.net https://scroll-static.imgix.net https://scroll.imgix.net https://logo-scratch-scroll.imgix.net https://www.google-analytics.com https://www.googletagmanager.com https://*.stripe.com data: https://static.scroll.com https://assets.scroll.com https://scroll.com; connect-src 'self' https://api.stripe.com https://checkout.stripe.com https://sentry.io https://o74190.ingest.sentry.io https://www.google-analytics.com https://fonts.googleapis.com https://*.scroll.com https://static.scroll.com https://api.scroll.com/v1/; frame-src 'self' https://js.stripe.com https://hooks.stripe.com https://checkout.stripe.com https://accounts.google.com https://static.scroll.com https://assets.scroll.com https://scroll.com; font-src https://fonts.googleapis.com https://fonts.gstatic.com/ https://use.typekit.net https://p.typekit.net https://static.scroll.com https://assets.scroll.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net https://p.typekit.net https://static.scroll.com https://assets.scroll.com; script-src 'self' 'unsafe-inline' https://js.stripe.com/v3/ https://checkout.stripe.com https://apis.google.com https://www.google-analytics.com https://www.googletagmanager.com https://browser.sentry-cdn.com https://static.scroll.com https://assets.scroll.com 'nonce-null' 'strict-dynamic';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 23 Aug 2021 13:19:18 GMT
via
1.1 google
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.neowin.net
access-control-allow-credentials
true
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline'; child-src blob:;frame-ancestors https: http:; object-src 'none'; img-src 'self' https://*.scroll.com https://logo-scroll.imgix.net https://u-scroll.imgix.net https://pub-scroll.imgix.net https://scroll-static.imgix.net https://scroll.imgix.net https://logo-scratch-scroll.imgix.net https://www.google-analytics.com https://www.googletagmanager.com https://*.stripe.com data: https://static.scroll.com https://assets.scroll.com https://scroll.com; connect-src 'self' https://api.stripe.com https://checkout.stripe.com https://sentry.io https://o74190.ingest.sentry.io https://www.google-analytics.com https://fonts.googleapis.com https://*.scroll.com https://static.scroll.com https://api.scroll.com/v1/; frame-src 'self' https://js.stripe.com https://hooks.stripe.com https://checkout.stripe.com https://accounts.google.com https://static.scroll.com https://assets.scroll.com https://scroll.com; font-src https://fonts.googleapis.com https://fonts.gstatic.com/ https://use.typekit.net https://p.typekit.net https://static.scroll.com https://assets.scroll.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net https://p.typekit.net https://static.scroll.com https://assets.scroll.com; script-src 'self' 'unsafe-inline' https://js.stripe.com/v3/ https://checkout.stripe.com https://apis.google.com https://www.google-analytics.com https://www.googletagmanager.com https://browser.sentry-cdn.com https://static.scroll.com https://assets.scroll.com 'nonce-null' 'strict-dynamic';
alt-svc
clear
content-length
0
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: cdn.nsstatic.net
URL: https://cdn.nsstatic.net/ns/neowin.net.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-90-44.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
96XhsjGsBxsrm3kyucJOVw9g9hT2d.yB
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
39719
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Sat, 21 Aug 2021 01:59:01 GMT
server
AmazonS3
date
Mon, 23 Aug 2021 02:17:20 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 3a17ea4b3f6bdbc694c3ec0645d21b5e.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
lMK_JNAfLrjxc73mfjCB9YReNIIHy9RsAXAd_3HcZkZVd8EXyhfKOQ==
geocc.js
g.pcmag.com/ 		184 B
323 B 		Script
General
Check archive.org
Download Go to
Full URL
https://g.pcmag.com/geocc.js
Requested by
Host: cdn.nsstatic.net
URL: https://cdn.nsstatic.net/ns/neowin.net.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb32 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
99ecb14ec0a4e706ee386f1bde1a4684119fa8e100f24821f71f7fa75ccd481d

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 23 Aug 2021 13:19:18 GMT
Connection
keep-alive
Content-Length
184
Content-Type
application/javascript
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j92&a=324833163&t=pageview&_s=1&dl=https%3A%2F%2Fwww.neowin.net%2Fnews%2Fcisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products%2F%3Futm_source%3Dfeedburner%5Cu0026utm_medium%3Dfeed%5Cu0026utm_campaign%3DFeed%253A%2Bneowin-main%2B%2528Neowin%2BNews%2529&ul=en-us&de=UTF-8&dt=CISA%3A%20BadAlloc%20vulnerability%20can%20lead%20to%20remote%20code%20execution%20in%20BlackBerry%20products%20-%20Neowin&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEDAAEABAAAAAC~&jid=1123775025&gjid=1084361267&cid=1205619116.1629724759&tid=UA-25910482-16&_gid=288636625.1629724759&_r=1&_slc=1&z=895803760
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:19:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.neowin.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.nsstatic.net
URL: https://cdn.nsstatic.net/ns/neowin.net.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-14.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 23 Aug 2021 12:55:00 GMT
content-encoding
gzip
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
1458
etag
W/"1827f116c73f319409b97f10b8a58ade"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
dfEXjW_XSF3fdm6873OwwAiaGPRaS-gNXZ295NkiOP6ZReoKI85jjQ==
z0WVjCBSEeGLoxIxOQVEwQ.min.js
cdn.static.zdbb.net/js/ 		86 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Requested by
Host: cdn.nsstatic.net
URL: https://cdn.nsstatic.net/ns/neowin.net.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.27.92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-27-92.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0fc690fecfd26a2aa2c2bd9c20ed1a8952df3e80844fa9fdc29dadb720e93241

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
_kUvHqi3RCzTcnffvtfrGF6HZj18KxyA
content-encoding
gzip
last-modified
Mon, 16 Aug 2021 19:48:45 GMT
x-amz-request-id
KFJWC62AVYSGW3KB
date
Mon, 23 Aug 2021 13:19:18 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
24698
x-amz-id-2
h36kGApHTRirAlUnpkEsCTPR/gp46A03EY2rf25Ch1xMFKTQbxHZchJVh4xCdmrT2rqscrNFyu8=
expires
Tue, 24 Aug 2021 13:19:18 GMT
v60.js
cdn-gl.imrworldwide.com/
Redirect Chain
  • https://secure-us.imrworldwide.com/v60.js
  • https://cdn-gl.imrworldwide.com/v60.js
21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/v60.js
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:3200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
75481bc06d1b02e50fd1cc921a7838e3af6caa9b8c0745b50182ebf29f195e20

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
.KrDWJ6YcsmnfI6j8sx8eWw9CjCealBE
content-encoding
gzip
etag
W/"cc7339d315e5ab16597dd66d153a0e7e"
last-modified
Mon, 12 Oct 2020 13:35:53 GMT
server
AmazonS3
age
22805
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Mon, 23 Aug 2021 06:59:14 GMT
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
_lmoKvzeFc3DM6R7QDMzM_W7Gh9Y_GO0dxcCkmcm_bP57MNNSRSqSw==

Redirect headers

location
https://cdn-gl.imrworldwide.com:443/v60.js
date
Mon, 23 Aug 2021 13:19:18 GMT
server
awselb/2.0
content-length
134
content-type
text/html
nsgpt.jsonp
ns.zdbb.net/ 		484 B
558 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ns.zdbb.net/nsgpt.jsonp?u=https%3A%2F%2Fwww.neowin.net%2Fnews%2Fcisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products%2F%3Futm_source%3Dfeedburner%5Cu0026utm_medium%3Dfeed%5Cu0026utm_campaign%3DFeed%253A%2Bneowin-main%2B%2528Neowin%2BNews%2529
Requested by
Host: cdn.nsstatic.net
URL: https://cdn.nsstatic.net/ns/neowin.net.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.27.92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-27-92.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
39cb48a7fce641831a65f395c68c9bab8afd438128a95765b5f40968122cf882

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:19:18 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
https://www.neowin.net
cache-control
max-age=31
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control
content-length
296
expires
Mon, 23 Aug 2021 13:19:49 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		72 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.nsstatic.net
URL: https://cdn.nsstatic.net/ns/neowin.net.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
sffe /
Resource Hash
1eead0d4142e685a5e4dfda25f1e00fed3f785b05b26490561d9f092f56efb76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:19:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"967 / 633 of 1000 / last-modified: 1629717241"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25446
x-xss-protection
0
expires
Mon, 23 Aug 2021 13:19:18 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		0
303 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3916&u=https%3A%2F%2Fwww.neowin.net%2Fnews%2Fcisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products%2F%3Futm_source%3Dfeedburner%5Cu0026utm_medium%3Dfeed%5Cu0026utm_campaign%3DFeed%253A%2Bneowin-main%2B%2528Neowin%2BNews%2529
Requested by
Host: cdn.nsstatic.net
URL: https://cdn.nsstatic.net/ns/neowin.net.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-90-44.zrh50.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:19:18 GMT
via
1.1 c76347c8ef1f3a2b6fb69cd7d1c6f749.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ZRH50-C1
x-cache
Miss from cloudfront
access-control-allow-origin
https://www.neowin.net
cache-control
max-age=86087, s-maxage=86400
access-control-allow-credentials
true
x-amz-cf-id
FN4fEtWIvQCevoWj_cIfKcBaFFsCFLZcBFvtMP4_P1Ndpt-T3ur-gA==
/
gurgle.zdbb.net/ 		43 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gurgle.zdbb.net/?domain=netshelter.net
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.238.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-238-226.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
https://www.neowin.net
date
Mon, 23 Aug 2021 13:19:19 GMT
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
collect
stats.g.doubleclick.net/j/ 		1 B
85 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-7094499-1&cid=1205619116.1629724759&jid=1251795332&gjid=119938238&_gid=288636625.1629724759&_u=IEBAAEAAAAAAAC~&z=1045500391
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 23 Aug 2021 13:19:18 GMT
content-type
text/plain
access-control-allow-origin
https://www.neowin.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
r.skimresources.com/api/
Redirect Chain
  • https://r.skimresources.com/api/
  • https://r.skimresources.com/api/?xguid=01FDSJMMQ5REWBZVP1G5F4Z8GG&persistence=1&checksum=23b4e00818f6b8d26e82903d6bee326b7a323db4f9502413c20d5e15a443a11c
200 B
506 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.skimresources.com/api/?xguid=01FDSJMMQ5REWBZVP1G5F4Z8GG&persistence=1&checksum=23b4e00818f6b8d26e82903d6bee326b7a323db4f9502413c20d5e15a443a11c
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.11.2.5 /
Resource Hash
7e28d79ce3a1befd2fe80c6ef959da62a50502a7bb058461ee7c5dab1cc51cc0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:19:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
openresty/1.11.2.5
strict-transport-security
max-age=31536000
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.neowin.net
vary
Accept-Encoding
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
via
1.1 google

Redirect headers

date
Mon, 23 Aug 2021 13:19:18 GMT
via
1.1 google
server
openresty/1.11.2.5
access-control-allow-origin
https://www.neowin.net
strict-transport-security
max-age=31536000
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://r.skimresources.com/api/?xguid=01FDSJMMQ5REWBZVP1G5F4Z8GG&persistence=1&checksum=23b4e00818f6b8d26e82903d6bee326b7a323db4f9502413c20d5e15a443a11c
access-control-allow-credentials
true
content-type
text/html
alt-svc
clear
content-length
193
/
graph.facebook.com/ 		202 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://graph.facebook.com/?id=https%3A%2F%2Fwww.neowin.net%2Fnews%2Fcisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products%2F&_=1629724758555
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:800e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9f2d175484f52e1aa69e5f62ceda8e408db0c77eca4160f01dd9a605725e6c3c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
www-authenticate
OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
x-fb-rev
1004291465
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
149
x-fb-rlafr
0
proxy-status
http_request_error; e_clientaddr="AcIl6raDPWOFu_AFKZbtcaZ1bZGNNKB23FAk2zjxrCbwpesIjnb85HBdAR969EBnvP9pLyDR8CcuabTnjmsTh4ANwLMFrQ"; e_fb_binaryversion="AcKRZweHGxS9DVtzOTHiUEKE5fRNkZd7nrYcxY0i9cCRkSL2aUOO3P63An6vllYgp6mIVug9kCvqHoH842zBylMrxtGnOWRJTWc"; e_upip="AcLz7qRG5vEQOV3tKFUal6kU7Eh5rtxBlXYosWZnsDPqabNgMCEo2Tnh2DfQm96qaSNqoI0XtQMd-0U1fbuF4lSt9sTRp7ifWA"; e_proxy="AcIbgMVOW55_zBHbVZXxWj54ha_D2f9A-cXaVegpy4Z8ruzZHQ-8RBkvLELoAYCTkCS12C_EYvuj9EM"; e_fb_builduser="AcKzozhdcf3E9jK2TPuoImkm4Bx4vRCmfd318_x6tZmGWU6_rP1HtLsarotNYFTMFs0"; e_fb_vipaddr="AcLzVjChJkU1VoJQhwJqsIIaUqN1W7UI_WBsB4BjMV6UvpJroOtASjaiog7dTLhyn-7EQjlsZ8redrL_HW1isMBkk6wfQj1TAbfp", http_request_error; e_clientaddr="AcLXEeacIQ4wrL-0-CZexl_BbBUEU13OGV5tzmIuByZ8gS4zhIXJYZWG34hMvKhSR-JH6k_Tsl_G2VJMdJZuVAtjofcQakwDzr_WVhjH8h7w"; e_fb_binaryversion="AcLheevz58IUyj-x-1evh-qV7nL4OphMPEYVjA8dd5lHxrXnpEGERsuM769IBgeUFBM_mXPECOshAcTvNzAdlEK0UFH9upc7L30"; e_upip="AcL9vBBi3uxqRInV7gTK19QCZOAfdfhWCrmEJA9IZftBH06okYJJp5vk9HLwcqb1dItafC7Q3h1fO7GwTxufvVTViy8UjRNr8w"; e_proxy="AcIeuSLIoj08usJrTIoSuylXjOLdPznWYNhYO9b-DWICG_R_i2g4QZpITfbOPRz671-hD4ZW2WxNu49o9Cuu"; e_fb_builduser="AcJfzG9GJC_LAa052UM61av1f_7zxGKba0jjMIK9j8JxBTXkuyww-9IbdMXvyBXsqNo"; e_fb_vipaddr="AcJloJWfxD0OhH6HYVTTf0_4aN2v6uDUecbsko_NRzJdAJ_rghzQizanq-2FaAJLlD3xvbJrhzN0C28c4ZUsOqVLDVMSlAzsqg"
pragma
no-cache
x-fb-debug
3Ak5or4CPVR+S8bUwdbYpDz8XckK4NVw+gvXK/idvIT851zJZRR+ZB1hvhcLNzwdbrJol8iz8VruJccca9YzQQ==
x-fb-trace-id
CVYzhSQeqye
date
Mon, 23 Aug 2021 13:19:18 GMT
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-fb-request-id
A070U9l6V9YDSPdFFpSlU1g
cache-control
no-store
facebook-api-version
v4.0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-25910482-16&cid=1205619116.1629724759&jid=1123775025&gjid=1084361267&_gid=288636625.1629724759&_u=KEDAAEABAAAAAC~&z=1920966879
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 23 Aug 2021 13:19:18 GMT
content-type
text/plain
access-control-allow-origin
https://www.neowin.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
sdk.js
connect.facebook.net/en_US/ 		235 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=329bf476c0710d31414a93832578f4e8
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4f5ee163094e2ea9d1c1b22a86489d97ce089095f29c347ce3684e06cb6f8bb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.neowin.net
Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
sfJKmYny42GQ9mO2KAtDzw==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
69727
x-fb-rlafr
0
x-fb-debug
k38Wm6ita43T6hWz95rNBk/s0BFAqmJeJz8fqqlHdGO6nOyuJoe+bZipBqHf9WMx6797eFHJQhY4VkA6n3LAJw==
x-fb-content-md5
a90a2e6a0ea97e93bdf53fbe35573e62
x-frame-options
DENY
date
Mon, 23 Aug 2021 13:19:18 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"c773f8cdae473855c8f422c06136966e"
timing-allow-origin
*
priority
u=3,i
expires
Tue, 23 Aug 2022 10:49:34 GMT
widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html
platform.twitter.com/widgets/ Frame 207D 		319 KB
103 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fwww.neowin.net
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/669E) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.neowin.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.neowin.net/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
409241
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Mon, 23 Aug 2021 13:19:18 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Mon, 02 Aug 2021 20:33:53 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/669E)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105433
info
gurgle.zdbb.net/ 		428 B
642 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gurgle.zdbb.net/info?url=https%3A%2F%2Fwww.neowin.net%2Fnews%2Fcisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products%2F%3Futm_source%3Dfeedburner%5Cu0026utm_medium%3Dfeed%5Cu0026utm_campaign%3DFeed%253A%2Bneowin-main%2B%2528Neowin%2BNews%2529&fp=0
Requested by
Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.238.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-238-226.compute-1.amazonaws.com
Software
/
Resource Hash
178e862df5e42d75332a53cc846f80cfc65c2be8fba3ec27a37aae32743b68c2

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
https://www.neowin.net
date
Mon, 23 Aug 2021 13:19:19 GMT
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control
content-length
428
access-control-allow-methods
GET, OPTIONS
content-type
application/json
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=8&c2=6036316&c3=1&ns__t=1629724758776&ns_c=UTF-8&cv=3.5&c8=CISA%3A%20BadAlloc%20vulnerability%20can%20lead%20to%20remote%20code%20execution%20in%20BlackBerry%2...
  • https://sb.scorecardresearch.com/b2?c1=8&c2=6036316&c3=1&ns__t=1629724758776&ns_c=UTF-8&cv=3.5&c8=CISA%3A%20BadAlloc%20vulnerability%20can%20lead%20to%20remote%20code%20execution%20in%20BlackBerry%...
64 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=8&c2=6036316&c3=1&ns__t=1629724758776&ns_c=UTF-8&cv=3.5&c8=CISA%3A%20BadAlloc%20vulnerability%20can%20lead%20to%20remote%20code%20execution%20in%20BlackBerry%20products%20-%20Neowin&c7=https%3A%2F%2Fwww.neowin.net%2Fnews%2Fcisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products%2F%3Futm_source%3Dfeedburner%5Cu0026utm_medium%3Dfeed%5Cu0026utm_campaign%3DFeed%253A%2Bneowin-main%2B%2528Neowin%2BNews%2529&c9=
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-14.zrh50.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:19:18 GMT
via
1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
JACo3u2rk2DtiolFHp5CYOnNgK7uC7T7amytKc1QIAroxpZWdXaqQw==

Redirect headers

date
Mon, 23 Aug 2021 13:19:18 GMT
via
1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=8&c2=6036316&c3=1&ns__t=1629724758776&ns_c=UTF-8&cv=3.5&c8=CISA%3A%20BadAlloc%20vulnerability%20can%20lead%20to%20remote%20code%20execution%20in%20BlackBerry%20products%20-%20Neowin&c7=https%3A%2F%2Fwww.neowin.net%2Fnews%2Fcisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products%2F%3Futm_source%3Dfeedburner%5Cu0026utm_medium%3Dfeed%5Cu0026utm_campaign%3DFeed%253A%2Bneowin-main%2B%2528Neowin%2BNews%2529&c9=
content-length
498
x-amz-cf-id
y9PTRMLbsrIQY6ZeGOctpY3bn5piY4hzoaLWdNI9e_0uiqX9YzDnKQ==
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j92&a=324833163&t=pageview&_s=1&dl=https%3A%2F%2Fwww.neowin.net%2Fnews%2Fcisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products%2F%3Futm_source%3Dfeedburner%5Cu0026utm_medium%3Dfeed%5Cu0026utm_campaign%3DFeed%253A%2Bneowin-main%2B%2528Neowin%2BNews%2529&ul=en-us&de=UTF-8&dt=CISA%3A%20BadAlloc%20vulnerability%20can%20lead%20to%20remote%20code%20execution%20in%20BlackBerry%20products%20-%20Neowin&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEDAAEABAAAAAC~&jid=308087946&gjid=858614132&cid=1205619116.1629724759&tid=UA-21555618-14&_gid=288636625.1629724759&_r=1&_slc=1&z=1918945633
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:19:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.neowin.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
sales
api.stacksocial.com/v0/search/ 		10 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.stacksocial.com/v0/search/sales?per_page=5&publisher_id=96&sort=best_sellers&category_ids%5B%5D=&_=1629724758556
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cc71e169f0661dfbc6230e5a704d39d124fe562dd4831494dc08364e0766c64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:19:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
status
200 OK
access-control-allow-methods
GET, POST, PUT, PATCH, OPTIONS, DELETE
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding, Origin
x-xss-protection
1; mode=block
x-request-id
30702791-561b-455c-bb57-4f8147b0b6d5
x-runtime
0.132272
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"9cc71e169f0661dfbc6230e5a704d39d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
7200
x-download-options
noopen
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
cf-ray
6834a1bebd2b0eaf-FRA
truncated
/ 		132 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6acb12ffbec935bad7832f11f79b7019c1cda2412c98cc6d05cf7bcb55add36b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-21555618-14&cid=1205619116.1629724759&jid=308087946&gjid=858614132&_gid=288636625.1629724759&_u=KEDAAEABAAAAAC~&z=1501583345
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 23 Aug 2021 13:19:18 GMT
content-type
text/plain
access-control-allow-origin
https://www.neowin.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
rules-p-SgN3NPpAChpt2.js
rules.quantcount.com/ 		2 B
354 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-SgN3NPpAChpt2.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:4600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:13:31 GMT
via
1.1 d92debab8d9ca0518390aebaec8733a7.cloudfront.net (CloudFront)
server
AmazonS3
age
346
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
x-cache
Hit from cloudfront
x-amz-cf-pop
ZRH50-C1
content-length
2
x-amz-cf-id
KmOsB7LDJuaiOMkbgJ09icKuUKznRWmAoEucfOXPXg243iUzgLMr6Q==
ga-audiences
www.google.com/ads/ 		42 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-21555618-14&cid=1205619116.1629724759&jid=308087946&_u=KEDAAEABAAAAAC~&z=2073288738
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:19:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-21555618-14&cid=1205619116.1629724759&jid=308087946&_u=KEDAAEABAAAAAC~&z=2073288738
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:19:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
i.skimresources.com/api/ 		217 B
414 B 		Script
General
Check archive.org
Download Go to
Full URL
https://i.skimresources.com/api/?version=10&js=1&callback=instantDataCallback&data=%7B%22instant%22%3A%221%22%2C%22page%22%3A%22https%3A%2F%2Fwww.neowin.net%2Fnews%2Fcisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products%2F%22%2C%22pref%22%3A%22%22%2C%22pubcode%22%3A%222728X590260%22%7D
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/2728X590260.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.81.209 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
209.81.96.34.bc.googleusercontent.com
Software
Apache / PHP/5.3.3
Resource Hash
bec77d70dc0734024697b2fa504b24d32bd6bc78c4020534e453410b4deebfd1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:19:18 GMT
via
1.1 google
x-content-type-options
nosniff
server
Apache
x-powered-by
PHP/5.3.3
content-type
application/javascript
access-control-allow-origin
https://www.neowin.net
access-control-allow-credentials
true
alt-svc
clear
content-length
217
link
t.skimresources.com/api/v2/ 		22 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.skimresources.com/api/v2/link
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/2728X590260.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:19:18 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.7 aiohttp/3.5.4
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://www.neowin.net
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
warning
299 - "Deprecated API"
alt-svc
clear
content-length
22
pubads_impl_2021081801.js
securepubads.g.doubleclick.net/gpt/ 		332 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081801.js?31062329
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
sffe /
Resource Hash
956130a5128980106fbf0a389ac67dc012d91840bbdd52383b953ade75d52c65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:19:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 18 Aug 2021 08:38:34 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118094
x-xss-protection
0
expires
Mon, 23 Aug 2021 13:19:18 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		131 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.neowin.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
1a20e4bb8c542c653df5cee2158235429c95f4b66f12ad43c1b6fea37ffd08a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 13:19:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
101
x-xss-protection
0
expires
Mon, 23 Aug 2021 13:19:18 GMT
settings
syndication.twitter.com/ Frame 207D 		232 B
431 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=cc9b78c2297ac07f8cca5cdd12a3001ef58790dc
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fwww.neowin.net
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:19:18 GMT
content-encoding
gzip
last-modified
Mon, 23 Aug 2021 13:19:18 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
20c7a977cdc1a27e70f3ad2e649cca160d0b7c3e5fd1728b402cd9628f156383
content-length
166
output.js
www.zergnet.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zergnet.com/output.js?id=89006&time=1629724758886&sc=1&callback=json5498865
Requested by
Host: www.zergnet.com
URL: https://www.zergnet.com/zerg.js?id=89006
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.22.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-22-207.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f1d54a983be77d6562d94b71952f1f509c43fb7bd84e03b277771c850efab3bd

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:19:18 GMT
content-encoding
gzip
server
nginx
p3p
CP="ZergNet does not have a P3P policy. Learn why here: http://www.zergnet.com/p3p"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
application/javascript; charset=UTF-8
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
i.skimresources.com/api/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.skimresources.com/api/
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/2728X590260.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.81.209 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
209.81.96.34.bc.googleusercontent.com
Software
Apache / PHP/5.3.3
Resource Hash
3ddaaa629d52d19b50e6a90e5937332d4308d189e9a55065b489213b8c89cb72
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 23 Aug 2021 13:19:18 GMT
via
1.1 google
x-content-type-options
nosniff
server
Apache
x-powered-by
PHP/5.3.3
content-type
application/json
access-control-allow-origin
https://www.neowin.net
access-control-allow-credentials
true
alt-svc
clear
content-length
3345
arj
ziffdavis-d.openx.net/w/1.0/ 		219 B
595 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ziffdavis-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.neowin.net%2Fnews%2Fcisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products%2F%3Futm_source%3Dfeedburner%5Cu0026utm_medium%3Dfeed%5Cu0026utm_campaign%3DFeed%253A%2Bneowin-main%2B%2528Neowin%2BNews%2529&jr=&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_2.1.9&dddid=1f41cd10-409f-48ca-a4e7-c6df0f881fd8%2Cc12621d8-841e-4b4a-aed1-204800eb913e%2Cbde00cf3-943a-4637-ac87-7b71679acb69%2Cd683ecef-e679-4857-b97f-800a338d3b6b%2Cba759066-85be-4cbd-a901-00b96a0f687e&nocache=1629724758998&gdpr_consent=BOQf-JpOQf-JpAKACCENBQAAAAAduAAA&gdpr=1&x_gdpr_f=1&aus=728x90%2C997x123%2C970x250%2C970x180%2C970x90%7C728x90%2C468x60%7C300x600%2C300x250%7C300x600%2C300x250%7C728x90%2C997x123%2C970x250%2C970x180%2C970x90&divIds=nsgpt-billboard-1%2Cnsgpt-leaderboard-1%2Cnsgpt-halfpage-1%2Cnsgpt-halfpage-2%2Cnsgpt-billboard-2&auid=540322683%2C540322683%2C540322683%2C540322683%2C540322683&
Requested by
Host: cdn.nsstatic.net
URL: https://cdn.nsstatic.net/ns/neowin.net.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
81ef8aa9cfa550a9aedaa7b7203b1c823fcbeb36520c78708dfead7aa1625336

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:19:19 GMT
content-encoding
gzip
server
OXGW/16.214.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.neowin.net
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
200
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		600 B
993 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.nsstatic.net
URL: https://cdn.nsstatic.net/ns/neowin.net.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
7e8df8e5fea8752e1707724b6a599480de5a927bdeace064dc4c37fb6ec50d24
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 23 Aug 2021 13:19:19 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.236.201.227; 185.236.201.227; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
dc10e135-76f3-4150-816c-86aca7485729
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.neowin.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pub
pixel.adsafeprotected.com/services/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=7529&slot=%7Bid:nsgpt-billboard-1,ss:%5B728.90,997.123,970.250,970.180,970.90%5D,p:/4585/ns.neowin.net/general,t:display%7D&slot=%7Bid:nsgpt-leaderboard-1,ss:%5B728.90,468.60%5D,p:/4585/ns.neowin.net/general,t:display%7D&slot=%7Bid:nsgpt-halfpage-1,ss:%5B300.600,300.250%5D,p:/4585/ns.neowin.net/general,t:display%7D&slot=%7Bid:nsgpt-halfpage-2,ss:%5B300.600,300.250%5D,p:/4585/ns.neowin.net/general,t:display%7D&slot=%7Bid:nsgpt-billboard-2,ss:%5B728.90,997.123,970.250,970.180,970.90%5D,p:/4585/ns.neowin.net/general,t:display%7D&slot=%7Bid:nsgpt-oop-footer,s:1.1,p:/4585/ns.neowin.net/general,t:display%7D&slot=%7Bid:nsgpt-oop-stitials,s:1.1,p:/4585/ns.neowin.net/general,t:display%7D&slot=%7Bid:nsgpt-oop-inpage,s:1.1,p:/4585/ns.neowin.net/general,t:display%7D&slot=%7Bid:nsgpt-oop-skin,s:1.1,p:/4585/ns.neowin.net/general,t:display%7D&slot=%7Bid:nsgpt-oop-inline,s:1.1,p:/4585/ns.neowin.net/general,t:display%7D&slot=%7Bid:nsgpt-oop-masthead,s:1.1,p:/4585/ns.neowin.net/general,t:display%7D&slot=%7Bid:nsgpt-oop-native,s:1.1,p:/4585/ns.neowin.net/general,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=af565fdf-c32e-ef6d-10ef-dd2ba1058954&url=https%253A%252F%252Fwww.neowin.net%252Fnews%252Fcisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products%252F%253Futm_source%253Dfeedburner%255Cu0026utm_medium%253Dfeed%255Cu0026utm_campaign%253DFeed%25253A%252Bneowin-main%252B%252528Neowin%252BNews%252529
Requested by
Host: cdn.nsstatic.net
URL: https://cdn.nsstatic.net/ns/neowin.net.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.212.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-212-11.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c0b2b3cbd10e65e0ca7d44a8d718c668b722057f7d9a6fd5e877c77029121f85

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:19:19 GMT
x-server-name
app09.ie.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.neowin.net
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
server
nginx
page
t.skimresources.com/api/v2/ 		22 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.skimresources.com/api/v2/page
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/2728X590260.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:19:19 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.7 aiohttp/3.5.4
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://www.neowin.net
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
22
6733235_300.jpg
img4.zergnet.com/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img4.zergnet.com/6733235_300.jpg
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-117.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4839b7b89baae3d8b0be135d91d866b2fc7349d559fb6bba507e37f8c447fdf5

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 23 Aug 2021 13:19:00 GMT
Via
1.1 1bf129b8787cf2e96d3bce725554e4d5.cloudfront.net (CloudFront)
Age
20
X-Cache
Hit from cloudfront
x-amz-replication-status
PENDING
Connection
keep-alive
Content-Length
13850
Last-Modified
Mon, 23 Aug 2021 13:14:38 GMT
Server
AmazonS3
ETag
"474a62c79d978a956ecb3653514076ba"
x-amz-version-id
c8OxqHk3Ttbbhci3ixVF4VRcfEggw77L
Cache-Control
max-age=290304000, public
X-Amz-Cf-Pop
FRA2-C2
Accept-Ranges
bytes
Content-Type
image/jpeg
X-Amz-Cf-Id
p0jRZolCs3FbKaHCQ50goz0aGtmqz3fzg5whFeWc_YQC2JGqAiNecg==
Expires
Tue, 23 Aug 2022 13:14:37 GMT
6703674_300.jpg
img5.zergnet.com/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img5.zergnet.com/6703674_300.jpg
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-71.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fb25d9cf3f0c9c7cd5ce86800b252cab0a997d14cacd3acb03ee64870eb15f1c

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 10 Aug 2021 14:58:47 GMT
Via
1.1 03d509e8374e9f42668961b5e0201349.cloudfront.net (CloudFront)
Age
1117233
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
25957
Last-Modified
Tue, 10 Aug 2021 14:42:53 GMT
Server
AmazonS3
ETag
"626169660f8cb2d9451c552d0cddae4b"
x-amz-version-id
9V2DjWEHEYVccFC6vn8liJAUBC.Xv6pf
Cache-Control
max-age=290304000, public
X-Amz-Cf-Pop
FRA2-C2
Accept-Ranges
bytes
Content-Type
image/jpeg
X-Amz-Cf-Id
ItI7xvfBGkIXBm4oG95BF6bEW7EdxxNRFhXUtESkGyok522cqm9h5A==
Expires
Wed, 10 Aug 2022 14:42:52 GMT
6704539_300.jpg
img4.zergnet.com/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img4.zergnet.com/6704539_300.jpg
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-117.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
275ae15a92a8d310d7e55b834449ae3d2fc1118f217ef496b83ffc96b213c10c

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 10 Aug 2021 18:23:11 GMT
Via
1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
Age
1104969
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
17032
Last-Modified
Tue, 10 Aug 2021 17:54:29 GMT
Server
AmazonS3
ETag
"b209030c6ea44cdc30d613f6b6205df4"
x-amz-version-id
WJm3A4DTrByCHc500oSGDmpLlIxPYEss
Cache-Control
max-age=290304000, public
X-Amz-Cf-Pop
FRA2-C2
Accept-Ranges
bytes
Content-Type
image/jpeg
X-Amz-Cf-Id
FxQNZr32G2-bect1HvnvaaM1tAkj89X4_4heGm0Mxu02lNuvfGrseA==
Expires
Wed, 10 Aug 2022 17:54:28 GMT
6705076_300.jpg
img1.zergnet.com/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1.zergnet.com/6705076_300.jpg
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-54.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
333e5118625c1a8832f283e066ac1f3dbbf676a75a3d8d858e4dfc72665f344f

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 10 Aug 2021 20:16:57 GMT
Via
1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
Age
1098143
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
33879
Last-Modified
Tue, 10 Aug 2021 19:58:37 GMT
Server
AmazonS3
ETag
"1025a91651a037588d015098c63780a5"
x-amz-version-id
F2gBkC2J5xMlgBNEvvnbakf3VhGuiZ72
Cache-Control
max-age=290304000, public
X-Amz-Cf-Pop
ZRH50-C1
Accept-Ranges
bytes
Content-Type
image/jpeg
X-Amz-Cf-Id
TsndLo-Gw9zzGWpgzC1BgBV-x6pbUPqQ7YFKgy34Z3aHNE_j5ze3fA==
Expires
Wed, 10 Aug 2022 19:58:36 GMT
button.5d16ecc02fbaf599a24dfb57ab239320.js
platform.twitter.com/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/button.5d16ecc02fbaf599a24dfb57ab239320.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67F2) /
Resource Hash
3ee8351e156e2e80d99018a585c18c0dbd9098e3bea84a131d8cbad1ec72c81e

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 23 Aug 2021 13:19:19 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Aug 2021 20:33:39 GMT
Server
ECS (frb/67F2)
Age
409245
Etag
"6b95f5a9a2ff4b885e2eafdf446d70d0+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
2296
bid
c.amazon-adsystem.com/e/dtb/ 		152 B
525 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3916&u=https%3A%2F%2Fwww.neowin.net%2Fnews%2Fcisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products%2F%3Futm_source%3Dfeedburner%5Cu0026utm_medium%3Dfeed%5Cu0026utm_campaign%3DFeed%253A%2Bneowin-main%2B%2528Neowin%2BNews%2529&pid=bvCA4PKAiBscC&cb=0&ws=1600x1200&v=7.67.00&t=800&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%2C%22997x123%22%2C%22970x250%22%2C%22970x180%22%2C%22970x90%22%5D%2C%22sn%22%3A%22billboard%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22728x90%22%2C%22468x60%22%5D%2C%22sn%22%3A%22leaderboard%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22halfpage%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22halfpage%22%7D%2C%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22728x90%22%2C%22997x123%22%2C%22970x250%22%2C%22970x180%22%2C%22970x90%22%5D%2C%22sn%22%3A%22billboard%22%7D%5D&cfgv=0&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D
Requested by
Host: cdn.nsstatic.net
URL: https://cdn.nsstatic.net/ns/neowin.net.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-90-44.zrh50.r.cloudfront.net
Software
Server /
Resource Hash
e6498b058e63a32a40d7b5ec8dbf6dd716d46b1d364badb62fc8cdfc9054689b

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:19:19 GMT
content-encoding
gzip
server
Server
x-amz-cf-pop
ZRH50-C1
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.neowin.net
access-control-allow-credentials
true
timing-allow-origin
*
content-length
148
via
1.1 c76347c8ef1f3a2b6fb69cd7d1c6f749.cloudfront.net (CloudFront)
x-amz-cf-id
BsmY5EeJ0sdUE7h4tNcPnnrXiq6lqDI-525OwRPkICnRQp4Xy0aC_w==
follow_button.f88235f49a156f8b4cab34c7bc1a0acc.en.html
platform.twitter.com/widgets/ Frame 5208 		36 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/follow_button.f88235f49a156f8b4cab34c7bc1a0acc.en.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67F2) /
Resource Hash
8ade4559ba0159fe586121f621bed885f04755e81a8d02e58eb7d0f9771afe2b

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.neowin.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.neowin.net/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
409242
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Mon, 23 Aug 2021 13:19:19 GMT
Etag
"a237d70af6aab8c30f8fef9c8de02f69+gzip"
Last-Modified
Mon, 02 Aug 2021 20:33:41 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/67F2)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
13651
follow_button.f88235f49a156f8b4cab34c7bc1a0acc.en.html
platform.twitter.com/widgets/ Frame FE92 		36 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/follow_button.f88235f49a156f8b4cab34c7bc1a0acc.en.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/669E) /
Resource Hash
8ade4559ba0159fe586121f621bed885f04755e81a8d02e58eb7d0f9771afe2b

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.neowin.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.neowin.net/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
409245
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Mon, 23 Aug 2021 13:19:19 GMT
Etag
"a237d70af6aab8c30f8fef9c8de02f69+gzip"
Last-Modified
Mon, 02 Aug 2021 20:33:41 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/669E)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
13651
z0WVjCBSEeGLoxIxOQVEwQ
zdbb.net/l/ 		43 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zdbb.net/l/z0WVjCBSEeGLoxIxOQVEwQ?additionalInformation=&cms_page_id=&local_uid=&referrer=&zd_pageview_id=8638389d-8334-466b-94ff-249566c04293&zd_location=https%3A%2F%2Fwww.neowin.net%2Fnews%2Fcisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products%2F%3Futm_source%3Dfeedburner%5Cu0026utm_medium%3Dfeed%5Cu0026utm_campaign%3DFeed%253A%2Bneowin-main%2B%2528Neowin%2BNews%2529&evidon_consent=undefined&third_party_consent=&fu=true
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.129.26.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-129-26-149.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:19:19 GMT
content-length
43
content-type
image/gif
output.js
www.zergnet.com/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zergnet.com/output.js?id=88548&time=1629724759087&sc=1&crc=%5B1161517939%2C4079431403%2C2005700789%2C625521467%5D&callback=json3758016
Requested by
Host: www.zergnet.com
URL: https://www.zergnet.com/zerg.js?id=88548
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.22.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-22-207.compute-1.amazonaws.com
Software
nginx /
Resource Hash
19e992bd1d3922b702e8df34080fc8dbd8b69a53d62e5baeba561b4ca1cbff6f

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:19:19 GMT
content-encoding
gzip
server
nginx
p3p
CP="ZergNet does not have a P3P policy. Learn why here: http://www.zergnet.com/p3p"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
application/javascript; charset=UTF-8
expires
Mon, 26 Jul 1997 05:00:00 GMT
truncated
/ Frame 5208 		822 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame FE92 		822 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
6705080_300.jpg
img1.zergnet.com/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1.zergnet.com/6705080_300.jpg
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-54.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b5481b310796d051c8c07cb5e35fc34cf144e9e45c2e956dba641c0d8fe9a6ed

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 10 Aug 2021 20:16:57 GMT
Via
1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
Age
1098143
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
17863
Last-Modified
Tue, 10 Aug 2021 19:58:54 GMT
Server
AmazonS3
ETag
"ce217a3aa555801dbd0d1f8f56345244"
x-amz-version-id
.Vd.k8gJNdI.FH1z8l2aXxZoJhCTR_qn
Cache-Control
max-age=290304000, public
X-Amz-Cf-Pop
ZRH50-C1
Accept-Ranges
bytes
Content-Type
image/jpeg
X-Amz-Cf-Id
oCayIuWSk4bMMfXFYoEdZbOKTRXRH9FDPQprQemKIc7yq9p8doL87g==
Expires
Wed, 10 Aug 2022 19:58:53 GMT
6704248_300.jpg
img1.zergnet.com/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1.zergnet.com/6704248_300.jpg
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-54.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d1253d67e48346c133e06718bf1fcb1910357b59f0c8d34fbbe4fb9a297339e7

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 10 Aug 2021 17:05:41 GMT
Via
1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
Age
1109619
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
13535
Last-Modified
Tue, 10 Aug 2021 16:57:11 GMT
Server
AmazonS3
ETag
"057a320bbe8fa8dbe5cdcd6ea7f35c82"
x-amz-version-id
mAkQ2czZihB08idC04GFiWXygeMFiifs
Cache-Control
max-age=290304000, public
X-Amz-Cf-Pop
ZRH50-C1
Accept-Ranges
bytes
Content-Type
image/jpeg
X-Amz-Cf-Id
tFW74M-SIGuxQdZhMUpZhrh4UFSBtuyhyDGxj_5TNWAXqn7ZX_5Jrw==
Expires
Wed, 10 Aug 2022 16:57:10 GMT
6717107_300.jpg
img4.zergnet.com/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img4.zergnet.com/6717107_300.jpg
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-117.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
beca3fb709f1e1b731c920433899763473bccb55d4e061bc1c5c762e240ee52b

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 16 Aug 2021 14:13:39 GMT
Via
1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
Age
601541
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
19844
Last-Modified
Mon, 16 Aug 2021 14:09:44 GMT
Server
AmazonS3
ETag
"a2236bc693d187b70b6fe685ac597629"
x-amz-version-id
E.88IzNLZjSqM1znv2YYyw7GCXIbEa08
Cache-Control
max-age=290304000, public
X-Amz-Cf-Pop
FRA2-C2
Accept-Ranges
bytes
Content-Type
image/jpeg
X-Amz-Cf-Id
ttsy814hv0UhBGZd4m0TPTOjre_Wa7oqDjYgnJeitHNpRSjy_Ng1TQ==
Expires
Tue, 16 Aug 2022 14:09:43 GMT
6728175_300.jpg
img4.zergnet.com/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img4.zergnet.com/6728175_300.jpg
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-117.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5d53af7f5581779027349076710a86f07b091794feae1b578fe54de28f756529

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 19 Aug 2021 20:57:20 GMT
Via
1.1 1bf129b8787cf2e96d3bce725554e4d5.cloudfront.net (CloudFront)
Age
318120
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
15291
Last-Modified
Thu, 19 Aug 2021 20:32:24 GMT
Server
AmazonS3
ETag
"a662a7b89129e437419174229b2b9187"
x-amz-version-id
bgHBwcunhn_dTqFUottI_9zyC9.Lh6g9
Cache-Control
max-age=290304000, public
X-Amz-Cf-Pop
FRA2-C2
Accept-Ranges
bytes
Content-Type
image/jpeg
X-Amz-Cf-Id
4thQLPLKPVIYO_KHNiUTdAmNUNjWBdYlMMQcxaKJ-Lw1OxNPanmCyA==
Expires
Fri, 19 Aug 2022 20:32:23 GMT
4207244_300.jpg
img1.zergnet.com/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1.zergnet.com/4207244_300.jpg
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-54.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7d4e83ce54a3ff32d798fe13de3beec756a89b5d829dbacfbab8847d0b4f9122

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 26 Jul 2021 00:36:34 GMT
Via
1.1 d7147e532e5cf73689fcb39fa760bcf3.cloudfront.net (CloudFront)
Age
2464966
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
17560
Last-Modified
Fri, 14 Jun 2019 13:48:02 GMT
Server
AmazonS3
ETag
"db1a1cdd2c6d1790e7e71fff88db25e1"
x-amz-version-id
null
Cache-Control
max-age=290304000, public
X-Amz-Cf-Pop
ZRH50-C1
Accept-Ranges
bytes
Content-Type
image/jpeg
X-Amz-Cf-Id
AqezxAG-FNh3Q0Su-KU3RfYyDW6tn4Qs0pbUb1LTQHjUpH29Nmjymg==
Expires
Sun, 14 Jun 2020 13:48:01 GMT
6669466_300.jpg
img5.zergnet.com/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img5.zergnet.com/6669466_300.jpg
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-71.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
412592b7bb8304b8589c68c8404d3e6438e8715249c0d1fa2e1bc8a23e0610f0

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 26 Jul 2021 19:41:02 GMT
Via
1.1 03d509e8374e9f42668961b5e0201349.cloudfront.net (CloudFront)
Age
2396298
X-Cache
Hit from cloudfront
x-amz-replication-status
PENDING
Connection
keep-alive
Content-Length
17073
Last-Modified
Mon, 26 Jul 2021 19:40:19 GMT
Server
AmazonS3
ETag
"574766133d92c9d9c0f8c70ed9f7b172"
x-amz-version-id
6kJKc1t_NMKslaSuWPH0504hZ55iZu..
Cache-Control
max-age=290304000, public
X-Amz-Cf-Pop
FRA2-C2
Accept-Ranges
bytes
Content-Type
image/jpeg
X-Amz-Cf-Id
0ic-XFC3snsAWL7aSDUFGuH7X4U_EdxAPAxujT7_hDt8R8oFxtqqiQ==
Expires
Tue, 26 Jul 2022 19:40:18 GMT
6733223_300.jpg
img4.zergnet.com/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img4.zergnet.com/6733223_300.jpg
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-117.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2e3f54845516933ac435a01405cb2cb699d2f092e13910fcabf214b3fe8f78a7

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 23 Aug 2021 13:18:56 GMT
Via
1.1 1bf129b8787cf2e96d3bce725554e4d5.cloudfront.net (CloudFront)
Age
24
X-Cache
Hit from cloudfront
x-amz-replication-status
PENDING
Connection
keep-alive
Content-Length
19583
Last-Modified
Mon, 23 Aug 2021 13:13:27 GMT
Server
AmazonS3
ETag
"f5bb887ebf5b295a8b97997cc9860fd6"
x-amz-version-id
smh84Shjxty.Sze3l4nF.sZ.M4zZlFJd
Cache-Control
max-age=290304000, public
X-Amz-Cf-Pop
FRA2-C2
Accept-Ranges
bytes
Content-Type
image/jpeg
X-Amz-Cf-Id
II1T9WQSkVDdZl1J9LUWCdB6VQPMxdCtj80ZRDYz7QvgOJBymRiMFg==
Expires
Tue, 23 Aug 2022 13:13:26 GMT
6721463_300.jpg
img4.zergnet.com/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img4.zergnet.com/6721463_300.jpg
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-117.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d9170d2f9cb8e7710d21e958aa483eceb147ce8b2ed4f6494ae977589dbe08ff

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 17 Aug 2021 20:48:54 GMT
Via
1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
Age
491426
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
20986
Last-Modified
Tue, 17 Aug 2021 20:34:35 GMT
Server
AmazonS3
ETag
"f13c728e9c4802a2a4064edce9bfd7e4"
x-amz-version-id
mSB5ZH_CH7SfZeoyyNjM1v75d_q_OLKQ
Cache-Control
max-age=290304000, public
X-Amz-Cf-Pop
FRA2-C2
Accept-Ranges
bytes
Content-Type
image/jpeg
X-Amz-Cf-Id
CN_JBnTtp-v-tyJ7DQHYzm3cXWjoggjNT6zwca6uVdjibbBAy6oFrw==
Expires
Wed, 17 Aug 2022 20:34:34 GMT
jot.html
platform.twitter.com/ Frame F8C6
Redirect Chain
  • https://syndication.twitter.com/i/jot
  • https://platform.twitter.com/jot.html
80 B
571 B 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/jot.html
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/669E) /
Resource Hash
90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
Origin
https://www.neowin.net
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
409245
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Mon, 23 Aug 2021 13:19:19 GMT
Etag
"d9592a6c704736fa4da218d4357976dd"
Last-Modified
Mon, 02 Aug 2021 20:34:56 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/669E)
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
80

Redirect headers

date
Mon, 23 Aug 2021 13:19:19 GMT
pragma
no-cache
server
tsa_o
status
302 Found
expires
Tue, 31 Mar 1981 05:00:00 GMT
location
https://platform.twitter.com/jot.html
content-type
text/html;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
last-modified
Mon, 23 Aug 2021 13:19:19 GMT
x-transaction
8c752a222383ed57
content-length
0
x-frame-options
SAMEORIGIN
x-xss-protection
0
x-content-type-options
nosniff
x-twitter-response-tags
BouncerCompliant
strict-transport-security
max-age=631138519
x-connection-hash
20c7a977cdc1a27e70f3ad2e649cca160d0b7c3e5fd1728b402cd9628f156383
sale_14499_primary_image.jpg
cdnp2.stackassets.com/f6bf00fc05b650c2e4e8fc15babc035eeb638370/store/opt/360/270/a0605dd338f922560d03aae6cb176c7a2ecaec3c9a0272050448b9f753f5/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnp2.stackassets.com/f6bf00fc05b650c2e4e8fc15babc035eeb638370/store/opt/360/270/a0605dd338f922560d03aae6cb176c7a2ecaec3c9a0272050448b9f753f5/sale_14499_primary_image.jpg
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-67.fra2.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
c6f565d8631709c33ba7c11fd7b02f23f780ce7263ad03348e8f6baddc85e4bc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 28 Jan 2021 04:21:49 GMT
via
1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 04:21:49 GMT
server
nginx/1.18.0
age
17917050
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-disposition
inline; filename="sale_14499_primary_image.jpg"
x-amz-cf-pop
FRA2-C2
content-length
27586
x-amz-cf-id
86UxIbHl_PNK8XljRGtKtkRxXVQskTbw0VYE_U6O5u3oWJ8i8cs_hA==
expires
Fri, 28 Jan 2022 04:21:49 GMT
sale_299824_primary_image.jpg
cdnp2.stackassets.com/c221d260c826a6277afba23c2ee4aee59355c016/store/opt/360/270/a3ad5726e5da64cf77cc7db0f259fb723a28084784794b72f700c4787e70/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnp2.stackassets.com/c221d260c826a6277afba23c2ee4aee59355c016/store/opt/360/270/a3ad5726e5da64cf77cc7db0f259fb723a28084784794b72f700c4787e70/sale_299824_primary_image.jpg
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-67.fra2.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
54b06f69e274375ca3f0254673f2c1b79329479f7fac98e7f5de01d31d8e4722
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 18 Jul 2021 07:00:30 GMT
via
1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
x-content-type-options
nosniff
last-modified
Sun, 18 Jul 2021 07:00:30 GMT
server
nginx/1.18.0
age
3133129
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-disposition
inline; filename="sale_299824_primary_image.jpg"
x-amz-cf-pop
FRA2-C2
content-length
5727
x-amz-cf-id
WPD7arN8knFPlAUR4G06luB5W80rKi2d1fV54jqVAP-jXtOv8LJL6g==
expires
Mon, 18 Jul 2022 07:00:30 GMT
sale_3593_image.jpg
cdnp1.stackassets.com/11a30cc3a58aaab4861660e9c89d97a2738dd53f/store/opt/360/270/2141e9bab36bdc984873485776f0ed9c32f9c17d9491300a61f96e77b6e9/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnp1.stackassets.com/11a30cc3a58aaab4861660e9c89d97a2738dd53f/store/opt/360/270/2141e9bab36bdc984873485776f0ed9c32f9c17d9491300a61f96e77b6e9/sale_3593_image.jpg
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-117.fra2.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
013ac5fde33729144e26b87413f51626bc38bff23e2cc2511951d400ae239aa8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 19 Jun 2021 09:14:18 GMT
via
1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
x-content-type-options
nosniff
last-modified
Sat, 19 Jun 2021 09:14:18 GMT
server
nginx/1.18.0
age
5630701
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-disposition
inline; filename="sale_3593_image.jpg"
x-amz-cf-pop
FRA2-C2
content-length
17154
x-amz-cf-id
zQmkbhQfPsuIMlMfnDwL1UwANho2sWuJABOrREaorVJ7qNCbnLLG6g==
expires
Sun, 19 Jun 2022 09:14:18 GMT
sale_300576_primary_image.jpg
cdnp1.stackassets.com/75e7ac1d316766426ef426c201bba4048f320189/store/opt/360/270/299ae6d5c712f4e331a0d7f64da6fe50ce33be70df8b9dea5157e0933e48/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnp1.stackassets.com/75e7ac1d316766426ef426c201bba4048f320189/store/opt/360/270/299ae6d5c712f4e331a0d7f64da6fe50ce33be70df8b9dea5157e0933e48/sale_300576_primary_image.jpg
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-117.fra2.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
09e7ef45684fef4ce7875dd031a8853267ecc6c8175fc040c5c1ee3f47d3e317
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 00:02:23 GMT
via
1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
x-content-type-options
nosniff
last-modified
Wed, 04 Aug 2021 00:02:23 GMT
server
nginx/1.18.0
age
1689416
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-disposition
inline; filename="sale_300576_primary_image.jpg"
x-amz-cf-pop
FRA2-C2
content-length
5446
x-amz-cf-id
Pv7rHhF26mYk-xQiozSDMpqRXtfnA5aek-4jm2s9GlyeJXrt-HKV_g==
expires
Thu, 04 Aug 2022 00:02:23 GMT
sale_24109_primary_image.jpg
cdnp1.stackassets.com/aabc8c62680b00b8514b463720956e627830842f/store/opt/360/270/f4a6c3e7e44e6f2ca63253d2e113035a4c016a6bc8f003221710dec78fc3/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnp1.stackassets.com/aabc8c62680b00b8514b463720956e627830842f/store/opt/360/270/f4a6c3e7e44e6f2ca63253d2e113035a4c016a6bc8f003221710dec78fc3/sale_24109_primary_image.jpg
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+neowin-main+%28Neowin+News%29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-117.fra2.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
9bac4e91f0dd4ba68e6f36393e9ae96540fdc6b5ad7979883b2e89fe70c2730d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 22:15:20 GMT
via
1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
x-content-type-options
nosniff
last-modified
Tue, 08 Jun 2021 22:15:20 GMT
server
nginx/1.18.0
age
6534239
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-disposition
inline; filename="sale_24109_primary_image.jpg"
x-amz-cf-pop
FRA2-C2
content-length
13361
x-amz-cf-id
WKO0nfbFa4tRl0j2j31D2jRq8iaJPoTStatWtRGShFjWDX-0Syihhg==
expires
Wed, 08 Jun 2022 22:15:20 GMT
check
jogger.zdbb.net/ 		5 B
231 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jogger.zdbb.net/check?href=https%3A%2F%2Fwww.neowin.net%2Fnews%2Fcisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products%2F%3Futm_source%3Dfeedburner%5Cu0026utm_medium%3Dfeed%5Cu0026utm_campaign%3DFeed%253A%2Bneowin-main%2B%2528Neowin%2BNews%2529
Requested by
Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.37.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-37-39.compute-1.amazonaws.com
Software
/
Resource Hash
4e523a5ae5b4636c75901b79fafbd3912e41dc7987414e688b09d4b436ff22b3

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:19:19 GMT
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=416752
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control
content-length
5
zd-core-olt.min.js
cdn.static.zdbb.net/js/ 		844 B
779 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.static.zdbb.net/js/zd-core-olt.min.js?v=5
Requested by
Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.27.92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-27-92.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1331ce07d67579b7a85c3f1deb9479460b198356c6d1aee8de72daa1d5e377b2

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
2MGBBYzgjx.E74BUwPGHCn.l.Bj0rz4D
content-encoding
gzip
last-modified
Mon, 16 Aug 2021 19:48:45 GMT
x-amz-request-id
DW4KQ7ZCS5QBPHE7
date
Mon, 23 Aug 2021 13:19:19 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
accept-ranges
bytes
content-length
464
x-amz-id-2
5noGDbQoOqlYBYiIcCRkeiIWRov83muTUuCC9jM4QsRcSPQdVEKJ3oOkUnl8unNWkxfRe6+Gpnc=
expires
Mon, 30 Aug 2021 13:19:19 GMT
bk-coretag.js
tags.bkrtx.com/js/ 		51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.bkrtx.com/js/bk-coretag.js
Requested by
Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.103.108.46 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-103-108-46.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 21 May 2021 19:14:21 GMT
Server
nginx/1.15.8
ETag
W/"60a8068d-cbc2"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=604800
Date
Mon, 23 Aug 2021 13:19:19 GMT
Connection
keep-alive
Content-Length
16078
Expires
Mon, 30 Aug 2021 13:19:19 GMT
krux-coretag.js
cdn.static.zdbb.net/js/ 		335 B
569 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.static.zdbb.net/js/krux-coretag.js
Requested by
Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.27.92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-27-92.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4f30bdeed794aeb92d85e55d901c0bdb634df32432010792e3b569ea73cae443

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
6_e5eigUb9KJ7Lm1ZkIZsOJchuht3e03
content-encoding
gzip
last-modified
Mon, 16 Aug 2021 19:48:44 GMT
x-amz-request-id
DW4YH4GQNVTX7GV7
date
Mon, 23 Aug 2021 13:19:19 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
255
x-amz-id-2
w34tvgmtscN9/XIyK1naPqCRSlLyKa2lb+NNxGr/f+qnJH5ZFKfVHHzja0yPXOwdc38uH7vFGaQ=
expires
Tue, 24 Aug 2021 13:19:19 GMT
like.php
www.facebook.com/v2.8/plugins/ Frame AC8F 		0
24 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.8/plugins/like.php?action=like&app_id=141241332490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df15fa583351782c%26domain%3Dwww.neowin.net%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.neowin.net%252Ff34fda86b69d314%26relation%3Dparent.parent&container_width=128&href=https%3A%2F%2Fwww.facebook.com%2Fneowin&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=329bf476c0710d31414a93832578f4e8
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v2.8/plugins/like.php?action=like&app_id=141241332490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df15fa583351782c%26domain%3Dwww.neowin.net%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.neowin.net%252Ff34fda86b69d314%26relation%3Dparent.parent&container_width=128&href=https%3A%2F%2Fwww.facebook.com%2Fneowin&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.neowin.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.neowin.net/

Response headers

content-type
text/html;charset=utf-8
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info *.atdmt.com blob: android-webview-video-poster:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com fbsbx.com *.atdmt.com;worker-src blob:;report-uri https://www.facebook.com/csp/reporting/;
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-content-type-options
nosniff
x-xss-protection
0
x-fb-debug
3BA34g4vf/ptUZ2yW1HEIjeWmweEDuoYOPwrue1eWYbv4Mk+sEfIy/e7dzOqI4prP4A3gaHCNaHcM9Q9NanKCQ==
content-length
0
date
Mon, 23 Aug 2021 13:19:19 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
like.php
www.facebook.com/v2.8/plugins/ Frame 6ADB 		0
21 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.8/plugins/like.php?action=like&app_id=141241332490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1a0661a1806f94%26domain%3Dwww.neowin.net%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.neowin.net%252Ff34fda86b69d314%26relation%3Dparent.parent&container_width=760&href=https%3A%2F%2Fwww.facebook.com%2Fneowin&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=large
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=329bf476c0710d31414a93832578f4e8
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v2.8/plugins/like.php?action=like&app_id=141241332490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1a0661a1806f94%26domain%3Dwww.neowin.net%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.neowin.net%252Ff34fda86b69d314%26relation%3Dparent.parent&container_width=760&href=https%3A%2F%2Fwww.facebook.com%2Fneowin&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=large
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.neowin.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.neowin.net/

Response headers

content-type
text/html;charset=utf-8
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info *.atdmt.com blob: android-webview-video-poster:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com fbsbx.com *.atdmt.com;worker-src blob:;report-uri https://www.facebook.com/csp/reporting/;
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-content-type-options
nosniff
x-xss-protection
0
x-fb-debug
74ZxJq3mloJTcjh19e0vVBoXF7cScgbLQsjtO2sWpkzVfps2TjW+RjvD5jFIZwgSZ0n5NlMJtiDkbgm3YQ7XmA==
content-length
0
date
Mon, 23 Aug 2021 13:19:19 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
Cookie set iu3
aax-eu.amazon-adsystem.com/s/ Frame E1A0
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&dcc=t
274 B
953 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&dcc=t
Requested by
Host: cdn.nsstatic.net
URL: https://cdn.nsstatic.net/ns/neowin.net.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c6737709c313a368c991ae269dfb155fc9de69c03dcf9515b5e7525076d817d5

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.neowin.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=AxVpnJuNYkIJljPjC9y235I|t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.neowin.net/

Response headers

Server
Server
Date
Mon, 23 Aug 2021 13:19:19 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
216
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Set-Cookie
ad-id=AxVpnJuNYkIJljPjC9y235I; Domain=.amazon-adsystem.com; Expires=Fri, 01-Apr-2022 13:19:19 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Thu, 01-Oct-2026 13:19:19 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip

Redirect headers

Server
Server
Date
Mon, 23 Aug 2021 13:19:19 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&dcc=t
Set-Cookie
ad-id=AxVpnJuNYkIJljPjC9y235I|t; Domain=.amazon-adsystem.com; Expires=Fri, 01-Apr-2022 13:19:19 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary
User-Agent
spgdj7g8u.js
cdn.krxd.net/controltag/ 		2 B
394 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/controltag/spgdj7g8u.js
Requested by
Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/krux-coretag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Mon, 23 Aug 2021 13:19:19 GMT
via
1.1 varnish, 1.1 varnish
age
983
x-cache
MISS, HIT, HIT
x-app-cache
MISS
x-age
0
content-encoding
gzip
content-length
22
x-served-by
config-service-a002-ash-prod.krxd.net, cache-bwi5161-BWI, cache-fra19132-FRA
x-response-time
1
x-do-esi
esi
x-timer
S1629724760.545219,VS0,VE0
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 1, 62
30629
stags.bluekai.com/site/ Frame 4FA4 		71 B
338 B 		Document
General
Check archive.org
Download Go to
Full URL
https://stags.bluekai.com/site/30629?ret=html&phint=site%3Dneowin.net&phint=referer%3Dhttps%3A%2F%2Fwww.neowin.net%2Fnews%2Fcisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products%2F%3Futm_source%3Dfeedburner%5Cu0026utm_medium%3Dfeed%5Cu0026utm_campaign%3DFeed%253A%2Bneowin-main%2B%2528Neowin%2BNews%2529&phint=bbseg%3D6918&phint=bbseg%3D1100038&phint=bbseg%3D6929&phint=bbseg%3D1100693&phint=bbseg%3D900248&phint=bbseg%3D7455&phint=bbseg%3D6816&phint=bbseg%3D6817&phint=bbseg%3D900255&phint=bbseg%3D6819&phint=bbseg%3D6821&phint=bbseg%3D6823&phint=bbseg%3D900263&phint=bbseg%3D6825&phint=bbseg%3D6953&phint=bbseg%3D6828&phint=bbseg%3D1100077&phint=bbseg%3D6833&phint=bbseg%3D6834&phint=bbseg%3D6837&phint=bbseg%3D6840&phint=bbseg%3D6841&phint=bbseg%3D900152&phint=bbseg%3D900281&phint=bbseg%3D6844&phint=bbseg%3D6845&phint=bbseg%3D6846&phint=bbseg%3D900157&phint=bbseg%3D6848&phint=bbseg%3D900282&phint=bbseg%3D900285&phint=bbseg%3D1100101&phint=bbseg%3D8006&phint=bbseg%3D900169&phint=bbseg%3D900307&phint=bbseg%3D900185&phint=bbseg%3D900313&phint=bbseg%3D900315&phint=bbseg%3D6890&phint=bbseg%3D900331&phint=bbseg%3D900333&phint=bbseg%3D900207&phint=__bk_t%3DCISA%3A%20BadAlloc%20vulnerability%20can%20lead%20to%20remote%20code%20execution%20in%20BlackBerry%20products%20-%20Neowin&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Fwww.neowin.net%2Fnews%2Fcisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products%2F%3Futm_source%3Dfeedburner%5Cu0026utm_medium%3Dfeed%5Cu0026utm_campaign%3DFeed%253A%2Bneowin-main%2B%2528Neowin%2BNews%2529&phint=__bk_v%3D3.1.10&limit=10&r=56108329
Requested by
Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-219.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3

Request headers

Host
stags.bluekai.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.neowin.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.neowin.net/

Response headers

Content-Type
text/html
Content-Length
71
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
BK-Server
69ac
Date
Mon, 23 Aug 2021 13:19:20 GMT
Connection
keep-alive
X-N
S
match
bee.imrworldwide.com/v1/clients/ 		39 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bee.imrworldwide.com/v1/clients/match?client_id=ziffdavis&url=https://www.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products/?utm_source=feedburner%5Cu0026utm_medium=feed%5Cu0026utm_campaign=Feed%253A+neowin-main+%2528Neowin+News%2529
Requested by
Host: secure-us.imrworldwide.com
URL: https://secure-us.imrworldwide.com/v60.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-104.fra2.r.cloudfront.net
Software
/
Resource Hash
0210bcf8c6f9fb41e1db722e8ec3c318101342f5922c59331321c993df1720d1
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:18:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29
x-cache
Hit from cloudfront
vary
Accept-Encoding
content-length
63
x-xss-protection
1; mode=block
access-control-allow-origin
*
x-frame-options
DENY
strict-transport-security
max-age=25920000; includeSubDomains
content-type
application/json; charset=utf-8
via
1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
isCpevU6lNgZ-eUw_Xp88gD7Xx6CaCu2i6FK7lEjIgsYED3BauG8oQ==
m
secure-us.imrworldwide.com/cgi-bin/
Redirect Chain
  • https://secure-us.imrworldwide.com/cgi-bin/m?rnd=1629724759705&ci=ziffdavis&js=1&cg=0&ts=2728X590260.skimlinks.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.neowin.net%2Fnews%2Fc...
  • https://secure-us.imrworldwide.com/cgi-bin/m?rnd=1629724759705&ci=ziffdavis&js=1&cg=0&ts=2728X590260.skimlinks.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.neowin.net%2Fnews%2Fc...
44 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-us.imrworldwide.com/cgi-bin/m?rnd=1629724759705&ci=ziffdavis&js=1&cg=0&ts=2728X590260.skimlinks.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.neowin.net%2Fnews%2Fcisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products%2F%3Futm_source%3Dfeedburner%5Cu0026utm_medium%3Dfeed%5Cu0026utm_campaign%3DFeed%253A%2Bneowin-main%2B%2528Neowin%2BNews%2529&sr=1600x1200&tz=2&ja=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.201.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-201-247.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:19:19 GMT
server
nginx
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-us.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:19:19 GMT
server
nginx
location
https://secure-us.imrworldwide.com/cgi-bin/m?rnd=1629724759705&ci=ziffdavis&js=1&cg=0&ts=2728X590260.skimlinks.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.neowin.net%2Fnews%2Fcisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products%2F%3Futm_source%3Dfeedburner%5Cu0026utm_medium%3Dfeed%5Cu0026utm_campaign%3DFeed%253A%2Bneowin-main%2B%2528Neowin%2BNews%2529&sr=1600x1200&tz=2&ja=1
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-us.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
0
expires
Thu, 01 Dec 1994 16:00:00 GMT
config250.js
cdn-gl.imrworldwide.com/conf/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/conf/config250.js
Requested by
Host: secure-us.imrworldwide.com
URL: https://secure-us.imrworldwide.com/v60.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:3200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
59b7a9cb3679e50edb5507a836f0702a475a584c9b61c0eda64b0bcd20be151b

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
vp1aNL.eL2.jjZIwzE0uh6KvF3NQbeCQ
content-encoding
gzip
etag
W/"67b344787464c98cf779525366f38126"
last-modified
Mon, 23 Aug 2021 11:20:31 GMT
server
AmazonS3
age
1711
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
cache-control
max-age=86400,s-maxage=86400
date
Mon, 23 Aug 2021 12:50:49 GMT
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
x1WhL6_3b-LIp2w7OPxCwR-iB0hUZOI37M-jF2xruRgBp4tDKzVusw==
nlsSDK600.bundle.min.js
cdn-gl.imrworldwide.com/novms/js/2/ 		192 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/config250.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:3200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
397e6540378a195608cbd601f809c0c96b3ae9253fffeaf070769a8272838ad7

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
WYmiUb1.Cg6z3yQT9O20r1WlJJUllnwa
content-encoding
gzip
etag
W/"bd1ffd9a8dc416cfddcde665f3111e22"
last-modified
Tue, 17 Aug 2021 13:40:58 GMT
server
AmazonS3
age
1039
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Mon, 23 Aug 2021 13:02:00 GMT
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
gBlvQF-0VhKehUoDzpuFAsQw7rjBkyjjSNJ4xqksKQnybd3FuzxJLg==
ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame B59C 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:3200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

:method
GET
:authority
cdn-gl.imrworldwide.com
:scheme
https
:path
/novms/html/ls.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.neowin.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSCVER=v1; IMRID=b95a90a0-0414-11ec-8b82-7745a4c68df1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.neowin.net/

Response headers

content-type
text/html
last-modified
Tue, 17 Aug 2021 13:40:58 GMT
x-amz-server-side-encryption
AES256
x-amz-version-id
zpOrZdUsdtFSUglONNnszp78Z80REEcP
server
AmazonS3
content-encoding
gzip
date
Mon, 23 Aug 2021 13:19:09 GMT
cache-control
max-age=86400
etag
W/"7fa83dfc7b78314b137e2eb13834daa7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
GDCoa_t0PjnIbdqcpZ3E7Ll0jW1fcqszTXPBZv6t2dQUAbZeb2WvDQ==
age
11
pr
aax-eu.amazon-adsystem.com/s/v3/ Frame 6502 		2 KB
992 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
759cedf3d46970eb50d36263b0aeb88e6567294bb6e0e16f6f30f1ce116957a0

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&dcc=t
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=AxVpnJuNYkIJljPjC9y235I; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&dcc=t

Response headers

Server
Server
Date
Mon, 23 Aug 2021 13:19:19 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
631
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
gn
secure-us.imrworldwide.com/cgi-bin/ Frame B59C 		88 B
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-us.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,NA&sessionId=plovaij8gwf7vecg5ku78yby87lgk1629724759&c16=sdkv,bj.6.0.0&retry=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.201.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-201-247.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
18344242ff477e6698f24b0211d53b9194cef9905ad67c8649e8a41ce614b415

Request headers

Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:19:19 GMT
server
nginx
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-us.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
88
expires
Thu, 01 Dec 1994 16:00:00 GMT
/
plovaij8gwf7vecg5ku78yby87lgk1629724759.nuid.imrworldwide.com/ Frame B59C 		35 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plovaij8gwf7vecg5ku78yby87lgk1629724759.nuid.imrworldwide.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:e200:1d:667e:2a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 01:39:07 GMT
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
last-modified
Tue, 11 Sep 2018 17:05:20 GMT
server
AmazonS3
age
42331
etag
"c2196de8ba412c60c22ab491af7b1409"
x-cache
Hit from cloudfront
content-type
image/gif
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
35
x-amz-cf-id
BRc32dXElpW-GLJz-wgEHprSCiNnbSSMbm7GM_h0gVoXKpnoXKhG-g==
amzns2s
rtb.gumgum.com/usync/ Frame 5B72 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.104.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-104-251.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
965d121aacebda7612607d2dd6d58173401bcda631ad9cec87a82e9db5045321

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:19:20 GMT
content-type
text/html;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
set-cookie
vst=e_3bdb156e-1be6-4864-b0a3-6f36f2645665; Domain=.gumgum.com; Expires=Tue, 23-Aug-2022 13:19:20 GMT; Path=/; Secure; SameSite=None
etag
W/"03992e7a4b401393f1c206a060b220577"
timing-allow-origin
*
content-encoding
gzip
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame C8E5
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.101.185.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-185-51.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
eea03d418c531ef7ae172232ea4899a9636c8b48db86cf0eb594f7586518cb84

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YSOgV5BepE9BVEpW3Ac6KQAA; CMPS=5222
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
45|241|230|39|31|152|105|57
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1660
Expires
Mon, 23 Aug 2021 13:19:20 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 23 Aug 2021 13:19:20 GMT
Connection
keep-alive
Set-Cookie
CMID=YSOgV5BepE9BVEpW3Ac6KQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 23 Aug 2022 13:19:19 GMT CMPS=5222;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 21 Nov 2021 13:19:19 GMT CMPRO=1218;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 21 Nov 2021 13:19:19 GMT CMRUM3=2d6123a05705a0&696123a05705a0&e66123a0572760&986123a05705a00&1f6123a05705a00&396123a05705a0&f16123a05705a0&276123a0570b40;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 23 Aug 2022 13:19:19 GMT CMST=YSOgV2EjoFcA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 24 Aug 2021 13:19:19 GMT

Redirect headers

Server
Apache
Content-Length
333
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Mon, 23 Aug 2021 13:19:19 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 23 Aug 2021 13:19:19 GMT
Connection
keep-alive
Set-Cookie
CMID=YSOgV5BepE9BVEpW3Ac6KQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 23 Aug 2022 13:19:19 GMT CMPS=5222;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 21 Nov 2021 13:19:19 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8B7E 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.101.184.244 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-184-244.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=134580
expires
Wed, 25 Aug 2021 02:42:19 GMT
date
Mon, 23 Aug 2021 13:19:19 GMT
vary
Accept-Encoding
tamptsync
sync-amz.ads.yieldmo.com/ Frame A286 		243 B
480 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:b000:0:70b1:7080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1c159926d1e52c6823b5dec56b15cf59f9c87995511feffd43dadfeca6673adb

Request headers

:method
GET
:authority
sync-amz.ads.yieldmo.com
:scheme
https
:path
/tamptsync?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-type
application/xml
date
Mon, 23 Aug 2021 13:19:20 GMT
server
AmazonS3
x-cache
Hit from cloudfront
via
1.1 1bf129b8787cf2e96d3bce725554e4d5.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
dX57P98qdMY5a0IV1NTo0mTFhqyEuinM91lG0EKYv2frzPogFpbJXA==
usync.html
eus.rubiconproject.com/ Frame 8633 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"40005-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 23 Aug 2021 13:19:19 GMT
Connection
keep-alive
Vary
Accept-Encoding
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 9E94
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58252/sync?redir=true
  • https://ups.analytics.yahoo.com/ups/58252/sync?redir=true&verify=true
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-LjtWIsh1l2P7etb.0hRkY65c1qA4oEI-&
43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-LjtWIsh1l2P7etb.0hRkY65c1qA4oEI-&
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=AxVpnJuNYkIJljPjC9y235I; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Server
Server
Date
Mon, 23 Aug 2021 13:19:23 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent

Redirect headers

Date
Mon, 23 Aug 2021 13:19:23 GMT
Content-Length
0
Strict-Transport-Security
max-age=31536000
Set-Cookie
IDSYNC=18y4~1zzp;Version=1;Domain=.analytics.yahoo.com;Path=/;Max-Age=31622400;Expires=Wed, 24-Aug-2022 13:19:23 GMT;Secure;SameSite=None A3=d=AQABBFugI2ECEHfOORfVPxhN_ENSgPlrkXMFEgEBAQHxJGEtYQAAAAAA_eMAAA&S=AQAAAs6b1lDr72WDQx1HwvBA8O0; Expires=Tue, 23 Aug 2022 19:19:23 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly B=774bbv5gi782r&b=3&s=2v; Expires=Tue, 23 Aug 2022 19:19:23 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-LjtWIsh1l2P7etb.0hRkY65c1qA4oEI-&
Age
0
Connection
keep-alive
Server
ATS/7.1.2.138
cm
u.openx.net/w/1.0/ Frame CE66 		628 B
703 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
2afec0c4be6e875346e9979c9bd17d8f3c8bd6cbf91f92a1488c040fdb0b31c3

Request headers

:method
GET
:authority
u.openx.net
:scheme
https
:path
/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=e5592e76-5acd-0f12-1b5e-cf6d53b35aae|1629724759
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=e5592e76-5acd-0f12-1b5e-cf6d53b35aae|1629724759; Version=1; Expires=Tue, 23-Aug-2022 13:19:19 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1629724759|gen0vNiygu; Version=1; Expires=Tue, 07-Sep-2021 13:19:19 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.214.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Mon, 23 Aug 2021 13:19:19 GMT
content-type
text/html
content-length
393
content-encoding
gzip
via
1.1 google
alt-svc
clear
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 4768
Redirect Chain
  • https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=appnexus.com
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=859604984714825888&ex=appnexus.com
43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=859604984714825888&ex=appnexus.com
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=AxVpnJuNYkIJljPjC9y235I; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Server
Server
Date
Mon, 23 Aug 2021 13:19:20 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent

Redirect headers

Server
nginx/1.17.9
Date
Mon, 23 Aug 2021 13:19:19 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?id=859604984714825888&ex=appnexus.com
AN-X-Request-Uuid
1cb34560-ab9e-450a-a1a9-d51b2f3a49fc
Set-Cookie
uuid2=859604984714825888; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 21-Nov-2021 13:19:19 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin
185.236.201.227; 185.236.201.227; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 5C61
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=2556842029699953157
43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=2556842029699953157
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=AxVpnJuNYkIJljPjC9y235I; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Server
Server
Date
Mon, 23 Aug 2021 13:19:21 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent

Redirect headers

date
Mon, 23 Aug 2021 13:19:20 GMT
content-length
0
location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=2556842029699953157
set-cookie
tluid=2556842029699953157; Max-Age=7776000; Expires=Sun, 21 Nov 2021 13:19:20 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame CE66 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=openx.com&id=6e236d52-efe0-8b1f-8186-85125fa7a2b3
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 13:19:19 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame CE66
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=G1VyZUxUdWEAASE0HFJtbkhTcDMAAXU0HlWpES4-
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=G1VyZUxUdWEAASE0HFJtbkhTcDMAAXU0HlWpES4-
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:19:19 GMT
via
1.1 google
server
OXGW/16.214.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:19:19 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=G1VyZUxUdWEAASE0HFJtbkhTcDMAAXU0HlWpES4-
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame CE66
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1593776517218906470
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1593776517218906470
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:19:23 GMT
via
1.1 google
server
OXGW/16.214.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:19:23 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1593776517218906470
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame CE66 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=36f5112f-f34a-30e5-4188-078537946953&gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:19:20 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame CE66
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MWE5YWMyZTUtM2EzZC02ZTQxLTU0NjgtNWQzY2ZkNzZhNzMz
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MWE5YWMyZTUtM2EzZC02ZTQxLTU0NjgtNWQzY2ZkNzZhNzMz&google_tc=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MWE5YWMyZTUtM2EzZC02ZTQxLTU0NjgtNWQzY2ZkNzZhNzMz&google_tc=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:19:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:19:21 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MWE5YWMyZTUtM2EzZC02ZTQxLTU0NjgtNWQzY2ZkNzZhNzMz&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame CE66
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENN-UmbcZQDhF8qaBrEuPVA&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENN-UmbcZQDhF8qaBrEuPVA&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:19:21 GMT
via
1.1 google
server
OXGW/16.214.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:19:21 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENN-UmbcZQDhF8qaBrEuPVA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 8B7E 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=88804243&p=156657&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
b29455f863b7aebfa041f9af11274c512b11c75d424e5bc5ac349aeab8910312

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:19:22 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usync.js
eus.rubiconproject.com/ Frame 8633 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f38a80a1420ad17e4f3ec2fb585d11afae9b9e4c6ec4b72660b295b740ebbe93

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 23 Aug 2021 13:19:20 GMT
Content-Encoding
gzip
Last-Modified
Fri, 20 Aug 2021 20:15:04 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=45753
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9358
Expires
Tue, 24 Aug 2021 02:01:53 GMT
crum
dsum-sec.casalemedia.com/ Frame C8E5
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YSOgV5BepE9BVEpW3Ac6KQAA
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YSOgV5BepE9BVEpW3Ac6KQAA&google_tc=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEA-4PRVvpe8zM4IirhlSbMA&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEA-4PRVvpe8zM4IirhlSbMA&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.101.185.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-185-51.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 13:19:21 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 23 Aug 2021 13:19:21 GMT

Redirect headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:19:21 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEA-4PRVvpe8zM4IirhlSbMA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame C8E5 		43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YSOgV5BepE9BVEpW3Ac6KQAABMIAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 13:19:23 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
BCZFGA4W685NARE59A6N
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame C8E5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YSOgV5BepE9BVEpW3Ac6KQAABMIAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YSOgV5BepE9BVEpW3Ac6KQAABMIAAAAB&gdpr_consent=&us_privacy=&gdpr=&google_tc=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEB3MHnQHvZi55RY3dUW6eDQ&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEB3MHnQHvZi55RY3dUW6eDQ&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.101.185.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-185-51.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 13:19:21 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 23 Aug 2021 13:19:21 GMT

Redirect headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:19:21 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEB3MHnQHvZi55RY3dUW6eDQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame C8E5 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YSOgV5BepE9BVEpW3Ac6KQAA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:19:20 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
noop
px.owneriq.net/ Frame C8E5
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6830111631680561332&uid=Q6830111631680561332&ref=%2Feucm%2Fp%2Fcc
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.21.100 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-21-100.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 23 Aug 2021 13:19:24 GMT
Server
Apache/2.2.15 (CentOS)
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By
PHP/5.3.3
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Mon, 23 Aug 2021 13:19:24 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame C8E5
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=bbe84e1f-44a8-4ddd-9137-eb828e6d2f7b
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=bbe84e1f-44a8-4ddd-9137-eb828e6d2f7b&C=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=bbe84e1f-44a8-4ddd-9137-eb828e6d2f7b&C=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.101.185.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-185-51.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 13:19:23 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 23 Aug 2021 13:19:23 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 13:19:23 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=bbe84e1f-44a8-4ddd-9137-eb828e6d2f7b&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
301
Expires
Mon, 23 Aug 2021 13:19:23 GMT
crum
dsum-sec.casalemedia.com/ Frame C8E5
Redirect Chain
  • https://d.adroll.com/cm/index/ssp
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.101.185.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-185-51.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 13:19:24 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 23 Aug 2021 13:19:24 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Mon, 23 Aug 2021 13:19:24 GMT
server
nginx/1.20.0
content-length
76
crum
dsum-sec.casalemedia.com/ Frame C8E5
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=875739029275941960
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=875739029275941960
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.101.185.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-185-51.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 13:19:23 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 23 Aug 2021 13:19:23 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=875739029275941960
Date
Mon, 23 Aug 2021 13:19:23 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame C8E5 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=index.com&id=YSOgV5BepE9BVEpW3Ac6KQAABMIAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 13:19:20 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame 5B72
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
  • https://rtb.gumgum.com/usersync?b=apn&i=859604984714825888
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=apn&i=859604984714825888
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.104.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-104-251.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:19:23 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 13:19:23 GMT
X-Proxy-Origin
185.236.201.227; 185.236.201.227; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
1d877e08-753e-4bb2-8a7c-2afbe03d0119
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb.gumgum.com/usersync?b=apn&i=859604984714825888
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame 5B72
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_3bdb156e-1be6-4864-b0a3-6f36f2645665&gdpr=&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_3bdb156e-1be6-4864-b0a3-6f36f2645665&gdpr=&gdpr_consent=&us_privacy=
  • https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&gdpr=0&user_id=XiqZmwkrnp9FfsrKWS2GkA0sm81Ffp7KWypbjFbj
  • https://rtb.gumgum.com/usersync?b=bsw&i=3b953ccc-ee6f-48d0-9aba-3b53ac2ac1bf
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=bsw&i=3b953ccc-ee6f-48d0-9aba-3b53ac2ac1bf
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.104.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-104-251.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:19:21 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
//rtb.gumgum.com/usersync?b=bsw&i=3b953ccc-ee6f-48d0-9aba-3b53ac2ac1bf
date
Mon, 23 Aug 2021 13:19:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usersync
rtb.gumgum.com/ Frame 5B72
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=sta&i=0-c439e774-0d14-4f42-4cbc-bd84ff044cd1$ip$185.236.201.227
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=sta&i=0-c439e774-0d14-4f42-4cbc-bd84ff044cd1$ip$185.236.201.227
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.104.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-104-251.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:19:23 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=sta&i=0-c439e774-0d14-4f42-4cbc-bd84ff044cd1$ip$185.236.201.227
Date
Mon, 23 Aug 2021 13:19:23 GMT
Connection
keep-alive
Content-Length
124
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame 5B72
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_3bdb156e-1be6-4864-b0a3-6f36f2645665&gdpr=&gdpr_consent=&us_privacy=
  • https://rtb.gumgum.com/usersync?b=zem&i=
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=zem&i=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.104.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-104-251.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:19:23 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=zem&i=
Pragma
no-cache
Date
Mon, 23 Aug 2021 13:19:23 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
67
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame 5B72
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6&gdpr=&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8106674420
  • https://sync.1rx.io/usersync/tradedesk/0e66e1eb-3c4d-4110-bc2c-c373a815ec37
  • https://sync.targeting.unrulymedia.com/csync/RX-a444756f-c433-4a6e-9f61-7c0e574aa2c4-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-a444756f-c433-4a6e-9f61-7c0e574aa2c4-003
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-a444756f-c433-4a6e-9f61-7c0e574aa2c4-003
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=rhy&i=RX-a444756f-c433-4a6e-9f61-7c0e574aa2c4-003
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.104.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-104-251.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:19:20 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=rhy&i=RX-a444756f-c433-4a6e-9f61-7c0e574aa2c4-003
date
Mon, 23 Aug 2021 13:19:20 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXa444756fc4334a6e9f617c0e574aa2c4003
content-type
text/html
usersync
rtb.gumgum.com/ Frame 5B72
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=E1PYpITPqrTQ&ev=1&pid=558355
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=E1PYpITPqrTQ&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.104.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-104-251.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:19:23 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://rtb.gumgum.com/usersync?b=pln&i=E1PYpITPqrTQ&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-84459f4bbf-2cqqb
expires
-1
usersync
rtb.gumgum.com/ Frame 5B72
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28RxIeqFMdYH12qXwbUpf7vsJ5oHRlToAYMkd7F4cgPf7e_I1_ksswvSUVurF63B8j%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28RxIeqFMdYH12qXwbUpf7vsJ5oHRlToAYMkd7F4cgPf7e_I1_ksswvSUVurF63B8j%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28RxIeqFMdYH12qXwbUpf7vsJ5oHRlToAYMkd7F4cgPf7e_I1_ksswvSUVurF63B8j%29
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.104.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-104-251.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:19:25 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28RxIeqFMdYH12qXwbUpf7vsJ5oHRlToAYMkd7F4cgPf7e_I1_ksswvSUVurF63B8j%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28RxIeqFMdYH12qXwbUpf7vsJ5oHRlToAYMkd7F4cgPf7e_I1_ksswvSUVurF63B8j%29
Date
Mon, 23 Aug 2021 13:19:25 GMT
Connection
close
X-TraceId
946b4fab206201fd5e8e6cd8df97d4
Content-Length
0
usersync
rtb.gumgum.com/ Frame 5B72
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://rtb.gumgum.com/usersync?b=opx&i=c1c8b55f-db5f-08b3-26f3-1768ffc46815
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=opx&i=c1c8b55f-db5f-08b3-26f3-1768ffc46815
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.104.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-104-251.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:19:20 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Mon, 23 Aug 2021 13:19:20 GMT
content-encoding
gzip
server
OXGW/16.214.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://rtb.gumgum.com/usersync?b=opx&i=c1c8b55f-db5f-08b3-26f3-1768ffc46815
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
usersync
rtb.gumgum.com/ Frame 5B72
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=oth&i=y-YKTp4GtE2pdB4bdPC6d6hRbGMhOFVpXdSRA0~A
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=oth&i=y-YKTp4GtE2pdB4bdPC6d6hRbGMhOFVpXdSRA0~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.104.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-104-251.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:19:20 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Mon, 23 Aug 2021 13:19:20 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://rtb.gumgum.com/usersync?b=oth&i=y-YKTp4GtE2pdB4bdPC6d6hRbGMhOFVpXdSRA0~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame 5B72
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3...
  • https://rtb.gumgum.com/usersync?b=vnt&i=bb99d256-0414-11ec-95ae-1720138fb780
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=vnt&i=bb99d256-0414-11ec-95ae-1720138fb780
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.104.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-104-251.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:19:23 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=vnt&i=bb99d256-0414-11ec-95ae-1720138fb780
Date
Mon, 23 Aug 2021 13:19:23 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
bb99d257-0414-11ec-95ae-1720138fb780
services
sync.technoratimedia.com/ Frame 5B72 		0
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
150.136.26.45 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:19:20 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
645767075
access-control-allow-origin
https://rtb.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame 5B72 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:19:19 GMT
content-length
0
server
a
usersync
rtb.gumgum.com/ Frame 5B72
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://rtb.gumgum.com/usersync?b=idi&i=875e5931-4f65-441c-aaaf-30565c6fc020
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=idi&i=875e5931-4f65-441c-aaaf-30565c6fc020
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.104.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-104-251.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:19:20 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=idi&i=875e5931-4f65-441c-aaaf-30565c6fc020
date
Mon, 23 Aug 2021 13:19:20 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
rtb.gumgum.com/ Frame 5B72
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15
  • https://rtb.gumgum.com/usersync?b=sad&i=3919333717120786211&gdpr=1&gdpr_consent=
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=sad&i=3919333717120786211&gdpr=1&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.104.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-104-251.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:19:20 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=sad&i=3919333717120786211&gdpr=1&gdpr_consent=
date
Mon, 23 Aug 2021 13:19:20 GMT
content-length
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 5B72 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=gg.com&id=e_3bdb156e-1be6-4864-b0a3-6f36f2645665
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 13:19:20 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7B06 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.101.184.244 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-184-244.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KCCH=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=134579
expires
Wed, 25 Aug 2021 02:42:19 GMT
date
Mon, 23 Aug 2021 13:19:20 GMT
vary
Accept-Encoding
usersync
rtb.gumgum.com/ Frame 52EC
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=ttd&i=0e66e1eb-3c4d-4110-bc2c-c373a815ec37&t=1632316760
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=ttd&i=0e66e1eb-3c4d-4110-bc2c-c373a815ec37&t=1632316760
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.104.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-104-251.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=ttd&i=0e66e1eb-3c4d-4110-bc2c-c373a815ec37&t=1632316760
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_3bdb156e-1be6-4864-b0a3-6f36f2645665
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Mon, 23 Aug 2021 13:19:20 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Mon, 23 Aug 2021 13:19:20 GMT
content-type
text/html
content-length
209
location
https://rtb.gumgum.com/usersync?b=ttd&i=0e66e1eb-3c4d-4110-bc2c-c373a815ec37&t=1632316760
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
set-cookie
TDID=0e66e1eb-3c4d-4110-bc2c-c373a815ec37; domain=.adsrvr.org; expires=Tue, 23-Aug-2022 13:19:20 GMT; path=/; secure; SameSite=None TDCPM=CAEYBSABKAIyCwjWgYmO65DzORAFOAE.; domain=.adsrvr.org; expires=Tue, 23-Aug-2022 13:19:20 GMT; path=/; secure; SameSite=None
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usync.html
eus.rubiconproject.com/ Frame 6635
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://rtb.gumgum.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
khaos=KSOO1LDG-1R-8IZ0; pux=1512%3D102062%262249%3D102062%262307%3D102062%262974%3D102062%263778%3D102062%26idl%3D102062%26brx%3D102062%26goog%3D102062%26; audit=1|wQ1xwvnF8sPSBR9xcKuBLqQsK11ZaASBloKlLUrIR48cWV3CTTmANdcgdLXHROy7zFG1G0WAJHzqFTrNE4+z9kqVaHlG5SlgpmvllXEtYN4=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"40005-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 23 Aug 2021 13:19:22 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=gumgum
Date
Mon, 23 Aug 2021 13:19:22 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
usersync
rtb.gumgum.com/ Frame F466
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://rtb.gumgum.com/usersync?b=mmh&i=e7736123-a059-4c00-986e-20c6c9eb3843&gdpr=&gdpr_consent=
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=mmh&i=e7736123-a059-4c00-986e-20c6c9eb3843&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.104.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-104-251.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=mmh&i=e7736123-a059-4c00-986e-20c6c9eb3843&gdpr=&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_3bdb156e-1be6-4864-b0a3-6f36f2645665
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Mon, 23 Aug 2021 13:19:21 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Mon, 23 Aug 2021 13:22:40 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Server
MT3 3853 9552a83 master cdg-pixel-x2
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie
uuid=e7736123-a059-4c00-986e-20c6c9eb3843; domain=.mathtag.com; path=/; expires=Tue, 20-Sep-2022 13:19:21 GMT; SameSite=None; Secure
location
https://rtb.gumgum.com/usersync?b=mmh&i=e7736123-a059-4c00-986e-20c6c9eb3843&gdpr=&gdpr_consent=
Expires
Mon, 23 Aug 2021 13:22:39 GMT
usersync
rtb.gumgum.com/ Frame 693C
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=YSOgWAADul_r0wBg
  • https://rtb.gumgum.com/usersync?b=atm&i=YSOgWAADul_r0wBg&gdpr=&gdpr_consent=&_test=YSOgWAADul_r0wBg
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=atm&i=YSOgWAADul_r0wBg&gdpr=&gdpr_consent=&_test=YSOgWAADul_r0wBg
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.104.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-104-251.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=atm&i=YSOgWAADul_r0wBg&gdpr=&gdpr_consent=&_test=YSOgWAADul_r0wBg
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_3bdb156e-1be6-4864-b0a3-6f36f2645665
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Mon, 23 Aug 2021 13:19:21 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

server
Varnish
retry-after
0
location
https://rtb.gumgum.com/usersync?b=atm&i=YSOgWAADul_r0wBg&gdpr=&gdpr_consent=&_test=YSOgWAADul_r0wBg
accept-ranges
bytes
date
Mon, 23 Aug 2021 13:19:20 GMT
via
1.1 varnish
x-served-by
cache-fra19152-FRA
x-cache
HIT
x-cache-hits
0
x-timer
S1629724761.972419,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
pixel
cm.g.doubleclick.net/ Frame EEA2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8zYmRiMTU2ZS0xYmU2LTQ4NjQtYjBhMy02ZjM2ZjI2NDU2NjU=&gdpr=&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8zYmRiMTU2ZS0xYmU2LTQ4NjQtYjBhMy02ZjM2ZjI2NDU2NjU=&gdpr=&gdpr_consent=&google_tc=
170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8zYmRiMTU2ZS0xYmU2LTQ4NjQtYjBhMy02ZjM2ZjI2NDU2NjU=&gdpr=&gdpr_consent=&google_tc=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

:method
GET
:authority
cm.g.doubleclick.net
:scheme
https
:path
/pixel?google_nid=gumgum_dbm&google_hm=ZV8zYmRiMTU2ZS0xYmU2LTQ4NjQtYjBhMy02ZjM2ZjI2NDU2NjU=&gdpr=&gdpr_consent=&google_tc=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

content-type
image/png
date
Mon, 23 Aug 2021 13:19:21 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
server
HTTP server (unknown)
content-length
170
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8zYmRiMTU2ZS0xYmU2LTQ4NjQtYjBhMy02ZjM2ZjI2NDU2NjU=&gdpr=&gdpr_consent=&google_tc=
date
Mon, 23 Aug 2021 13:19:21 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
content-length
363
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 23-Aug-2021 13:34:21 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
ssc-cms.33across.com/ps/ Frame ED44 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.172 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip172.208-100-17.static.steadfastdns.net
Software
33XP002 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

x-33x-status
2020008
server
33XP002
date
Mon, 23 Aug 2021 13:19:21 GMT
um
cs.emxdgt.com/ Frame 495B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

:method
GET
:authority
cs.emxdgt.com
:scheme
https
:path
/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

content-type
text/html
date
Mon, 23 Aug 2021 13:19:21 GMT
content-length
0
usersync
rtb.gumgum.com/ Frame 2DB8
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://rtb.gumgum.com/usersync?b=sus&i=YSOgWsCo8YwAAKujEkgAAAAA
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=sus&i=YSOgWsCo8YwAAKujEkgAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.104.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-104-251.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=sus&i=YSOgWsCo8YwAAKujEkgAAAAA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_3bdb156e-1be6-4864-b0a3-6f36f2645665
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Mon, 23 Aug 2021 13:19:23 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Server
nginx
Date
Mon, 23 Aug 2021 13:19:22 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
private
Location
https://rtb.gumgum.com/usersync?b=sus&i=YSOgWsCo8YwAAKujEkgAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Set-Cookie
SOC=YSOgWsCo8YwAAKujEkgAAAAA; path=/; expires=Wed, 23-Aug-23 13:19:22 GMT; domain=socdm.com; secure; SameSite=None
X-SO-Ads-Time
3
X-SO-HostName
a-ad40114.dc2p.scaleout.jp
X-SO-LB-Hostname
m-tgng40.dc4p.scaleout.jp
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":14,"gdpr":false,"ipv4":"185.236.201.227","key":"YSOgWsCo8YwAAKujEkgAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40114"}
X-SO-Key
YSOgWsCo8YwAAKujEkgAAAAA
X-SO-IP
185.236.201.227
X-SO-Cluster-ID
14
X-SO-Upstream-ID
a-ad40114
usersync
rtb.gumgum.com/ Frame 67F1
Redirect Chain
  • https://p.rfihub.com/cm?pub=42796&in=1
  • https://rtb.gumgum.com/usersync?b=zet&i=1875819622167230104
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=zet&i=1875819622167230104
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.104.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-104-251.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=zet&i=1875819622167230104
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_3bdb156e-1be6-4864-b0a3-6f36f2645665
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Mon, 23 Aug 2021 13:19:23 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Mon, 23 Aug 2021 13:19:23 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie
eud=H4sIAAAAAAAAAFslxmtoZmRpbmRibmZsZGABAMJKDJMQAAAA; Path=/; Domain=.rfihub.com; Expires=Sat, 17 Sep 2022 13:19:23 GMT; Secure; SameSite=None rud=H4sIAAAAAAAAAOMSNrQwN7UwtDQzMjI0MzcyNjA0MBHiM9RNKkrzNHILT03PSsqT4jU0M7I0NzIxNzM2MrAAABdz0Sw0AAAA; Path=/; Domain=.rfihub.com; Expires=Sat, 17 Sep 2022 13:19:23 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNrQwN7UwtDQzMjI0MzcyNjA0MBHiM9RNKkrzNHILT03PSsoDAO2sx4olAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Location
https://rtb.gumgum.com/usersync?b=zet&i=1875819622167230104
Content-Length
0
Server
Jetty(9.3.29.v20201019)
usersync
rtb.gumgum.com/ Frame E11A
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://rtb.gumgum.com/usersync?b=rth&i=U6FFbbhMTjMbI9wydS6c&pi=gumgum&tc=1
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=rth&i=U6FFbbhMTjMbI9wydS6c&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.104.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-104-251.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=rth&i=U6FFbbhMTjMbI9wydS6c&pi=gumgum&tc=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_3bdb156e-1be6-4864-b0a3-6f36f2645665
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Mon, 23 Aug 2021 13:19:23 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Mon, 23 Aug 2021 13:19:23 GMT Mon, 23 Aug 2021 13:19:23 GMT
location
https://rtb.gumgum.com/usersync?b=rth&i=U6FFbbhMTjMbI9wydS6c&pi=gumgum&tc=1
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
check_c
zdbb.net/ 		0
231 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://zdbb.net/check_c
Requested by
Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.129.26.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-129-26-149.eu-west-1.compute.amazonaws.com
Software
Ziff Davis BuyerBase /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:19:20 GMT
server
Ziff Davis BuyerBase
p3p
CP="ALL DSP COR NID"
access-control-allow-origin
https://www.neowin.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
text/plain; charset=utf-8
content-length
0
expires
0
khaos.jpg
token.rubiconproject.com/ Frame 8633 		284 B
934 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/jpg
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 8633
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=a9eu
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=KSOO1LDG-1R-8IZ0&ex=d-rubiconproject.com&status=ok
43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=KSOO1LDG-1R-8IZ0&ex=d-rubiconproject.com&status=ok
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 13:19:21 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?id=KSOO1LDG-1R-8IZ0&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 8633
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/wMu1CYONTYjscMaOSikYKMn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5612559707678500003
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5612559707678500003
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/gif

Redirect headers

date
Mon, 23 Aug 2021 13:19:20 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5612559707678500003
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
btu4jd3a
sync-tm.everesttech.net/ct/upi/pid/ Frame 8633
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YSOgWAADuoer0gBg
85 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YSOgWAADuoer0gBg
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:19:20 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
age
566
x-served-by
cache-fra19152-FRA
x-cache
HIT
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
x-timer
S1629724761.972195,VS0,VE0
content-length
85
x-cache-hits
1812

Redirect headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:19:20 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1629724761.861476,VS0,VE89
x-served-by
cache-fra19152-FRA
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YSOgWAADuoer0gBg
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
709414.gif
id.rlcdn.com/ Frame 8633 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:19:20 GMT
via
1.1 google
alt-svc
clear
content-length
0
rubicon
match.adsrvr.org/track/cmf/ Frame 8633 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:19:20 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
v1
ads.yahoo.com/cms/ Frame 8633
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KSOO1LDG-1R-8IZ0&sigv=1&esig=2~dc3b6e3629c6112ff3991101b2c457ff502691d8
0
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KSOO1LDG-1R-8IZ0&sigv=1&esig=2~dc3b6e3629c6112ff3991101b2c457ff502691d8
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:19:20 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KSOO1LDG-1R-8IZ0&sigv=1&esig=2~dc3b6e3629c6112ff3991101b2c457ff502691d8
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 8633
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=9e366123-a059-4000-a224-6181ed2618e7
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=9e366123-a059-4000-a224-6181ed2618e7
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/gif

Redirect headers

Date
Mon, 23 Aug 2021 13:22:40 GMT
Server
MT3 3853 9552a83 master cdg-pixel-x28
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=9e366123-a059-4000-a224-6181ed2618e7
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 23 Aug 2021 13:22:39 GMT
pixel
cm.g.doubleclick.net/ Frame 8633
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NPTzFMREctMVItOElaMA==
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NPTzFMREctMVItOElaMA==&google_tc=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NPTzFMREctMVItOElaMA==&google_tc=
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:19:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:19:21 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NPTzFMREctMVItOElaMA==&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
299
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 8633
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&google_tc=
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMrBF0oCsYetfGaamCVGs7o&google_cver=1
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMrBF0oCsYetfGaamCVGs7o&google_cver=1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:19:21 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMrBF0oCsYetfGaamCVGs7o&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 6635 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f38a80a1420ad17e4f3ec2fb585d11afae9b9e4c6ec4b72660b295b740ebbe93

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 23 Aug 2021 13:19:22 GMT
Content-Encoding
gzip
Last-Modified
Fri, 20 Aug 2021 20:15:04 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=45751
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9358
Expires
Tue, 24 Aug 2021 02:01:53 GMT
gn
secure-us.imrworldwide.com/cgi-bin/ 		44 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-us.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-408075&ch=au-408075_b99_0&sessionId=plovaij8gwf7vecg5ku78yby87lgk1629724759&asn=0&prv=1&c6=vc,b99&ca=NA&c13=asid,NA&c32=segA,NA&c33=segB,NA&c34=segC,NA&c15=apn,v60Bsdk&sup=0&segment2=&segment1=&forward=1&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,999&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,16297247598469708&c30=bldv,6.0.0.602&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&devtypid=&pc=NA&si=https%3A%2F%2Fwww.neowin.net%2Fnews%2Fcisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products%2F%3Futm_source%3Dfeedburner%5Cu0026utm_medium%3Dfeed%5Cu0026utm_campaign%3DFeed%253A%2Bneowin-main%2B%2528Neowin%2BNews%2529&c73=phtype,&c74=dvcnm,&uoo=&c62=sendTime,1629724761&rnd=806746
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.201.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-201-247.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:19:22 GMT
server
nginx
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-us.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
pd
eu-u.openx.net/w/1.0/ 		0
0
usersync
rtb.gumgum.com/ Frame 6635
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum
  • https://rtb.gumgum.com/usersync?b=mag&i=KSOO1LDG-1R-8IZ0
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=mag&i=KSOO1LDG-1R-8IZ0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.104.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-104-251.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:19:22 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://rtb.gumgum.com/usersync?b=mag&i=KSOO1LDG-1R-8IZ0
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Expires
0
match
c1.adform.net/serving/cookie/ Frame F9A9 		35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=76F19426-D48C-4CB3-9721-733FBD7FD1FA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?party=14&cid=76F19426-D48C-4CB3-9721-733FBD7FD1FA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
C=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 23 Aug 2021 13:19:23 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=5482841129648458824; expires=Fri, 22 Oct 2021 13:19:23 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 7D8B
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3657752412482624222
42 B
209 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3657752412482624222
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3657752412482624222
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 23 Aug 2021 13:19:23 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_336=5844-3657752412482624222; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 22-Sep-2021 13:19:23 GMT; path=/ PugT=1629724763; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 22-Sep-2021 13:19:23 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 21-Nov-2021 13:19:23 GMT; path=/
x-lat
amspug005:0:353
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3657752412482624222
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 194D 		43 B
360 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Mon, 23 Aug 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1449
x-powered-by
ASP.NET
date
Mon, 23 Aug 2021 13:19:23 GMT
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame DCBC
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6999614567174961291
42 B
366 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6999614567174961291
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6999614567174961291
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KRTBCOOKIE_336=5844-3657752412482624222; PUBMDCID=3; KRTBCOOKIE_57=22776-859604984714825888; KRTBCOOKIE_218=22978-YSOgWAADul_r0wBg&KRTB&23194-YSOgWAADul_r0wBg&KRTB&23209-YSOgWAADul_r0wBg&KRTB&23244-YSOgWAADul_r0wBg; KRTBCOOKIE_377=6810-0e66e1eb-3c4d-4110-bc2c-c373a815ec37&KRTB&22918-0e66e1eb-3c4d-4110-bc2c-c373a815ec37&KRTB&23031-0e66e1eb-3c4d-4110-bc2c-c373a815ec37; KRTBCOOKIE_391=22924-1593966782891687298&KRTB&23263-1593966782891687298; KRTBCOOKIE_22=14911-3573573863698190463; KRTBCOOKIE_27=16735-uid:9e366123-a059-4000-a224-6181ed2618e7&KRTB&16736-uid:9e366123-a059-4000-a224-6181ed2618e7&KRTB&23019-uid:9e366123-a059-4000-a224-6181ed2618e7&KRTB&23114-uid:9e366123-a059-4000-a224-6181ed2618e7; KRTBCOOKIE_188=3189-e7fe00a3-979e-47a7-887f-5236aa5bfab7-6123a05c-4348; PugT=1629724763
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 23 Aug 2021 13:19:25 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_1101=23040-6999614567174961291; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 22-Sep-2021 13:19:25 GMT; path=/ PugT=1629724765; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 22-Sep-2021 13:19:25 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 21-Nov-2021 13:19:25 GMT; path=/
x-lat
lhrpug011:0:698
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Mon, 23 Aug 2021 13:19:25 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=6999614567174961291; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6999614567174961291
Pug
image2.pubmatic.com/AdServer/ Frame 66E5
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEMWhVN0NSMEVBQUNHMnduVWdkdw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEMWhVN0NSMEVBQUNHMnduVWdkdw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAD1hU7CR0EAACG2wnUgdw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%2...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAD1hU7CR0EAACG2wnUgdw&pid=558502&do=add
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAD1hU7CR0EAACG2wnUgdw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_part...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=178201547701886965
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAD1hU7CR0EAACG2wnUgdw
42 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAD1hU7CR0EAACG2wnUgdw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAD1hU7CR0EAACG2wnUgdw
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SPugT=1629724766; PUBMDCID=3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 23 Aug 2021 13:19:25 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_699=22727-AAD1hU7CR0EAACG2wnUgdw; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 22-Sep-2021 13:19:25 GMT; path=/ PugT=1629724765; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 22-Sep-2021 13:19:25 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 21-Nov-2021 13:19:25 GMT; path=/
x-lat
amspug008:0:417
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Date
Mon, 23 Aug 2021 13:19:26 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAD1hU7CR0EAACG2wnUgdw
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
/
csync.loopme.me/ Frame 36D5 		85 B
152 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.55.6.212 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.212.6.55.162.clients.your-server.de
Software
_ /
Resource Hash
e482a48fef03d183029fa2edf995fc8e9ce023f18649fd1d9149958e977068a1

Request headers

:method
GET
:authority
csync.loopme.me
:scheme
https
:path
/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

content-length
85
content-type
text/plain
date
Mon, 23 Aug 2021 13:19:24 GMT
server
_
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 92CB 		43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=76F19426-D48C-4CB3-9721-733FBD7FD1FA&ex=pubmatic.com
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=AxVpnJuNYkIJljPjC9y235I; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
Server
Date
Mon, 23 Aug 2021 13:19:23 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8B7E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=dvGUJtSMTLOXIXM_vX_R-g%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.101.184.244 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-184-244.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:19:23 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=134576
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Wed, 25 Aug 2021 02:42:19 GMT

Redirect headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:19:23 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 8B7E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=9e366123-a059-4000-a224-6181ed2618e7
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=9e366123-a059-4000-a224-6181ed2618e7
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:19:26 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 23 Aug 2021 13:22:42 GMT
Server
MT3 3853 9552a83 master cdg-pixel-x24
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=9e366123-a059-4000-a224-6181ed2618e7
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 23 Aug 2021 13:22:41 GMT
mw
mwzeom.zeotap.com/ Frame 8B7E
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=76F19426-D48C-4CB3-9721-733FBD7FD1FA
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=d1e2716815eb8a1ef067eed891b2a4a9
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://pixel.onaudience.com/?partner=147&mapped=9dd5e08d-54d8-4c35-93b9-3c8d6d8bc9c5&icm
  • https://spl.zeotap.com/?zdid=1332&zcluid=ba5c19647ae113b0
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=6f5dc40e-451d-4414-6275-a923d581746f&reqId=e7081e2f-e225-497a-69c6-886f62f1f2de&zclui...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=6f5dc40e-451d-4414-6275-a923d581746f&reqId=e7081e2f-e225-497a-69c6-886f62f1f2de&zclu...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEHCHroe3Or7Eqnw8VwEXeHE&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=6f5dc40e-451d-4414-6275-a923d581746f&reqId=e7081e2f-e225-497a-69c6-886...
95 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEHCHroe3Or7Eqnw8VwEXeHE&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=6f5dc40e-451d-4414-6275-a923d581746f&reqId=e7081e2f-e225-497a-69c6-886f62f1f2de&zcluid=ba5c19647ae113b0&zdid=1332
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:19:24 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6834a1e328df42cf-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:19:24 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEHCHroe3Or7Eqnw8VwEXeHE&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=6f5dc40e-451d-4414-6275-a923d581746f&reqId=e7081e2f-e225-497a-69c6-886f62f1f2de&zcluid=ba5c19647ae113b0&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 8B7E
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1593966782891687298
42 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1593966782891687298
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:19:24 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug008:0:456
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:19:23 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1593966782891687298
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 8B7E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:9e366123-a059-4000-a224-6181ed2618e7&gdpr=0&gdpr_consent=
42 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:9e366123-a059-4000-a224-6181ed2618e7&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:19:24 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug013:0:581
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 23 Aug 2021 13:22:06 GMT
Server
MT3 3853 9552a83 master cdg-pixel-x15
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:9e366123-a059-4000-a224-6181ed2618e7&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 23 Aug 2021 13:22:05 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 8B7E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0e66e1eb-3c4d-4110-bc2c-c373a815ec37
42 B
314 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0e66e1eb-3c4d-4110-bc2c-c373a815ec37
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:19:24 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug006:0:491
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:19:23 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0e66e1eb-3c4d-4110-bc2c-c373a815ec37
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame 8B7E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHcDxE2mhWNNswrD_8WrcvE&google_cver=1
42 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHcDxE2mhWNNswrD_8WrcvE&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:19:23 GMT
cache-control
no-store, no-cache, private
x-lat
amspug005:0:399
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:19:23 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHcDxE2mhWNNswrD_8WrcvE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 8B7E
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=859604984714825888&gdpr=0&gdpr_consent=
42 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=859604984714825888&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:19:22 GMT
cache-control
no-store, no-cache, private
x-lat
amspug018:0:305
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 13:19:24 GMT
X-Proxy-Origin
185.236.201.227; 185.236.201.227; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
0c03e41f-4fa8-4cad-adeb-2d491daf6cc0
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=859604984714825888&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 8B7E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=76F19426-D48C-4CB3-9721-733FBD7FD1FA&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-CcVLtKJE2uVWJ576FomaCNVLcBJTLq8-~A&gdpr=0&gdpr_consent=
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-CcVLtKJE2uVWJ576FomaCNVLcBJTLq8-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:19:26 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 23 Aug 2021 13:19:23 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-CcVLtKJE2uVWJ576FomaCNVLcBJTLq8-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
76F19426-D48C-4CB3-9721-733FBD7FD1FA
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 8B7E 		43 B
716 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/76F19426-D48C-4CB3-9721-733FBD7FD1FA?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:19:23 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 8B7E
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=x1bvzpBX6MrcAryfwFHwxZRQ7ZjcAuifwlZItypN
42 B
583 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=x1bvzpBX6MrcAryfwFHwxZRQ7ZjcAuifwlZItypN
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:19:21 GMT
cache-control
no-store, no-cache, private
x-lat
amspug004:0:652
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:19:23 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=x1bvzpBX6MrcAryfwFHwxZRQ7ZjcAuifwlZItypN
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 8B7E
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=p...
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=pubmatic
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=193&user_id=&expires=1&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=36611500-e81b-4a16-9d70-5ce1a094ebf3&gdpr=&gdpr_consent=&gdpr_pd=
1 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=36611500-e81b-4a16-9d70-5ce1a094ebf3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:19:26 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug008:0:525
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=36611500-e81b-4a16-9d70-5ce1a094ebf3&gdpr=&gdpr_consent=&gdpr_pd=
date
Mon, 23 Aug 2021 13:19:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 8B7E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YSOgWAADul_r0wBg&gdpr=0&gdpr_consent=
1 B
547 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YSOgWAADul_r0wBg&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:19:24 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug011:0:414
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:19:23 GMT
via
1.1 varnish
server
Varnish
x-timer
S1629724763.135067,VS0,VE0
x-served-by
cache-fra19152-FRA
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YSOgWAADul_r0wBg&gdpr=0&gdpr_consent=
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
simage2.pubmatic.com/AdServer/ Frame 8B7E
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3573573863698190463&gdpr=0&gdpr_consent=&us_privacy=
1 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3573573863698190463&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:19:24 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug010:0:403
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3573573863698190463&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 23 Aug 2021 13:19:22 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
current
pubmatic-match.dotomi.com/match/bounce/ Frame 8B7E 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=76F19426-D48C-4CB3-9721-733FBD7FD1FA&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:19:23 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 8B7E
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:5e780eec-b73f-4d18-ae44-1b55ac73a73b&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:5e780eec-b73f-4d18-ae44-1b55ac73a73b&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:19:26 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug016:0:423
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:5e780eec-b73f-4d18-ae44-1b55ac73a73b&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Mon, 23 Aug 2021 13:19:26 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
image2.pubmatic.com/AdServer/ Frame 8B7E
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=e7fe00a3-979e-47a7-887f-5236aa5bfab7-6123a05c-4348&gdpr=0&gdpr_consent=
42 B
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=e7fe00a3-979e-47a7-887f-5236aa5bfab7-6123a05c-4348&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:19:23 GMT
cache-control
no-store, no-cache, private
x-lat
amspug009:0:437
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:19:24 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=e7fe00a3-979e-47a7-887f-5236aa5bfab7-6123a05c-4348&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
pubmatic
um.simpli.fi/ Frame 8B7E 		43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
bc.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:19:23 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 22 Aug 2021 13:19:23 GMT
1629041505_msw-20210815-promo_mediump.jpg
cdn.neow.in/news/images/uploaded/2021/08/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.neow.in/news/images/uploaded/2021/08/1629041505_msw-20210815-promo_mediump.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3c00:0:89cb:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
299f22af2b0ea344d731f734d58956380cc1b2280323f42080ec373aa0443311

Request headers

Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 15 Aug 2021 17:50:17 GMT
via
1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
last-modified
Sun, 15 Aug 2021 15:31:48 GMT
server
AmazonS3
age
674947
etag
"107c49c579673038eeaf375941b65732"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
30778
x-amz-cf-id
SXLvG3AJ-ya7C0bgdgIb2MDSb2rQwZMk1mieHIJA0ugJrzmmZlZf1g==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
eu-u.openx.net
URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dc423def-06ad-4fb4-a386-363c0a8315a3&gdpr=1&gdpr_consent=BOQf-JpOQf-JpAKACCENBQAAAAAduAAA

Verdicts & Comments Add Verdict or Comment

162 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| __tcfapi function| __uspapi object| _qevents object| ADTAFERRORHANDLER object| ADTAFTAG string| GoogleAnalyticsObject function| ga object| socialLikesButtons function| $ function| jQuery object| hljs number| newsOffset undefined| disabledEvents undefined| jumpToNewComment undefined| promoslider object| nw boolean| moreComments boolean| spinnerOff string| promos boolean| mobile string| megamenu function| Hammer function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Flickity function| Unipointer function| Unidragger function| imagesLoaded function| htmlParser function| postscribe function| domready object| LazyAds object| Scroll object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| regeneratorRuntime function| __tcfapiui object| SCWidget function| get_real_link object| __SKIM_JS_GLOBAL__ object| skimlinksAPI function| skimwordsDataCallback function| instantDataCallback string| currentTheme string| nextTheme number| width number| initialIndex object| $promoslider object| $jscomp function| $jscomp$lookupPolyfilledValue object| __stitialW function| __NSGPTB object| pbjs function| __NSGPTDummyCMP object| NSGPT object| stitial object| apstag boolean| apstagLOADED function| pbjsChunk object| __core-js_shared__ object| diagPixSentCodes object| __iasPET object| __iasAdRefreshConfig object| Adomik object| _comscore boolean| __NSGPTBp string| google_page_url object| googletag object| FB object| __twttrll object| twttr object| __twttr function| Waypoint object| zd function| udm_ object| ns_p object| COMSCORE string| waypointContextKey function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| ggeac object| google_js_reporting_queue object| ZERG string| pubcidCookie function| NolTracker function| nol_t function| logger undefined| _rsCC undefined| _rsCG undefined| _rsDN undefined| v52v53_pvar undefined| v52v53_trac undefined| _rsEvent undefined| _rsLinkTrack undefined| _rsClick function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing function| __cmp object| json5498865 object| dataLayer string| __ZD_CPID_ object| __ZD_USEG_ object| __ZD_SEG_ object| zdcoreSignalBuffer object| json3758016 object| zdcoreGurgleCallbacks function| Krux object| tags object| BKTAG function| bk_addUserCtx function| bk_addPageCtx function| bk_addEmailHash function| bk_addPhoneHash function| bk_doJSTag function| bk_doJSTag2 function| bk_doCarsJSTag function| bk_doPartnerAltTag function| bk_doCallbackTag function| bk_doCallbackTagWithTimeOut object| pvar object| V60 object| NOLBUNDLE object| ciDdrs string| key function| _typeof object| ns object| paramsPassed object| stateObject object| errorState string| BUILDVERSION object| stateEvents

12 Cookies

Domain/Path Name / Value
www.neowin.net/ Name: h_zdbb
Value:
www.neowin.net/ Name: geoCC
Value: DE
.neowin.net/ Name: _gat_scDealFeedWidgetGA
Value: 1
.neowin.net/ Name: _gat
Value: 1
.neowin.net/ Name: _ga
Value: GA1.2.1205619116.1629724759
.neowin.net/news/cisa-badalloc-vulnerability-can-lead-to-remote-code-execution-in-blackberry-products Name: _dlt
Value: 1
.neowin.net/ Name: at_gd
Value: E87BB25CE244C5B16657B93F89DB010B6FA45590
www.neowin.net/ Name: fu
Value: 1
.neowin.net/ Name: _gat_ns
Value: 1
.neowin.net/ Name: viewData
Value: H4sIAAAAAAAAA4tWMjIytLAwUIoFAG8mhgsKAAAA
.neowin.net/ Name: _gid
Value: GA1.2.288636625.1629724759
www.neowin.net/ Name: ips4_IPSSessionFront
Value: ce4rpp6g53k8ti997rn3n1ir71

3 Console Messages

Source Level URL
Text
console-api error URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.neowin.net(Line 1)
Message:
TypeError: Cannot read property 'getItem' of null
console-api log URL: https://cdn.nsstatic.net/ns/neowin.net.js(Line 738)
Message:
TypeError: Cannot read property 'getItem' of null
console-api log URL: https://cdn.static.zdbb.net/js/zd-core-olt.min.js?v=5(Line 1)
Message:
ZD Core :: Outbound Link Tracking Initialized

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-eu.amazon-adsystem.com
ad.360yield.com
ad.turn.com
ads.pubmatic.com
ads.yahoo.com
api.stacksocial.com
apis.google.com
b1sync.zemanta.com
bee.imrworldwide.com
bh.contextweb.com
c.amazon-adsystem.com
c1.adform.net
cdn-gl.imrworldwide.com
cdn.adt567.net
cdn.krxd.net
cdn.neow.in
cdn.nsstatic.net
cdn.rawgit.com
cdn.static.zdbb.net
cdnjs.cloudflare.com
cdnp1.stackassets.com
cdnp2.stackassets.com
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
connect.scroll.com
creativecdn.com
cs.emxdgt.com
csync.loopme.me
d.adroll.com
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g.pcmag.com
graph.facebook.com
gurgle.zdbb.net
i.skimresources.com
ib.adnxs.com
id.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
img1.zergnet.com
img4.zergnet.com
img5.zergnet.com
jogger.zdbb.net
knl.mntzrlt.net
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
mwzeom.zeotap.com
ns.zdbb.net
p.rfihub.com
p.skimresources.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.adsafeprotected.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
platform.twitter.com
plovaij8gwf7vecg5ku78yby87lgk1629724759.nuid.imrworldwide.com
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
px.owneriq.net
quantcast.mgr.consensu.org
r.skimresources.com
rtb-csync.smartadserver.com
rtb.gumgum.com
rules.quantcount.com
s.amazon-adsystem.com
s.skimresources.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure-us.imrworldwide.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
spl.zeotap.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.scroll.com
stats.g.doubleclick.net
sync-amz.ads.yieldmo.com
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.extend.tv
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
syndication.twitter.com
t.skimresources.com
tags.bkrtx.com
tg.socdm.com
token.rubiconproject.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
widgets.stackcommerce.com
ws.rqtrk.eu
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.neowin.net
www.zergnet.com
x.bidswitch.net
zdbb.net
ziffdavis-d.openx.net
eu-u.openx.net
104.103.108.46
104.244.42.8
108.129.26.149
124.146.215.44
13.224.102.14
13.224.102.54
13.224.102.69
13.224.196.31
13.224.90.44
13.225.87.104
13.225.87.110
13.225.87.117
13.225.87.67
13.225.87.71
13.248.242.197
13.248.245.213
142.250.186.34
142.250.74.194
150.136.26.45
151.101.14.133
151.101.14.217
151.101.14.49
151.139.128.11
159.253.128.188
159.65.196.12
162.55.6.212
178.250.2.151
18.157.193.56
18.195.155.181
185.184.8.65
185.29.134.244
185.33.221.13
185.33.221.89
185.64.189.110
185.64.189.115
185.64.190.80
185.64.190.81
185.86.139.103
185.86.139.113
193.0.160.128
198.148.27.140
2001:4de0:ac18::1:a:2a
2001:678:cb4:bbbb::11
208.100.17.172
209.54.176.128
213.155.156.165
213.19.147.44
213.19.147.45
23.205.235.133
2600:9000:2190:3200:2:42d9:3100:93a1
2600:9000:2190:4600:6:44e3:f8c0:93a1
2600:9000:2190:da00:9:46dc:4700:93a1
2600:9000:21f3:3c00:0:89cb:5240:93a1
2600:9000:21f3:b000:0:70b1:7080:93a1
2600:9000:21f3:e200:1d:667e:2a40:93a1
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:10::6816:1857
2606:4700::6810:125e
2606:4700::6810:135e
2606:4700::6812:16f2
2a00:1288:110:c305::8000
2a00:1288:80:800::7000
2a00:1450:4001:802::2003
2a00:1450:4001:809::2003
2a00:1450:4001:80f::2003
2a00:1450:4001:812::2004
2a00:1450:4001:827::200e
2a00:1450:4001:828::200e
2a00:1450:4001:829::200a
2a00:1450:400c:c08::9a
2a00:1450:400c:c08::9c
2a02:26f0:6c00::210:bb32
2a02:fa8:8806:12::1370
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f01c:800e:face:b00c:0:2
2a03:2880:f11c:8183:face:b00c:0:25de
3.126.56.137
3.220.238.226
3.228.62.17
34.192.90.164
34.194.37.39
34.205.3.24
34.233.22.207
34.253.109.165
34.96.81.209
35.157.168.25
35.190.59.101
35.190.91.160
35.201.100.179
35.201.67.47
35.244.159.8
35.244.174.68
37.157.6.247
38.91.45.7
5.10.17.165
51.210.112.236
52.215.67.80
52.51.212.11
52.95.123.41
54.194.104.251
54.220.211.95
54.246.201.247
54.36.172.109
64.202.112.159
64.202.112.191
66.155.71.149
69.173.144.138
69.173.144.139
69.173.144.165
69.192.160.219
85.114.159.93
89.187.169.47
91.228.74.189
92.123.21.100
95.101.184.244
95.101.185.51
95.101.27.92
96.16.141.156
010170e9494761e571d7b5f4ff56b6ba3563849acb610c4d39a40cb18c8c645d
013ac5fde33729144e26b87413f51626bc38bff23e2cc2511951d400ae239aa8
01522e70e4807e89bf3303d4f2e01fb141b4ce91dba4023d23794e255028ed9e
0210bcf8c6f9fb41e1db722e8ec3c318101342f5922c59331321c993df1720d1
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07c71e3cc9af3ecfc208382533fff96ea589dbe72aa1ab7a48673df930e6a834
09e7ef45684fef4ce7875dd031a8853267ecc6c8175fc040c5c1ee3f47d3e317
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d64ca26acc000200dc65147608485c4794baf9a62d1258a971cd35771ccd4a3
0fc690fecfd26a2aa2c2bd9c20ed1a8952df3e80844fa9fdc29dadb720e93241
1331ce07d67579b7a85c3f1deb9479460b198356c6d1aee8de72daa1d5e377b2
178e862df5e42d75332a53cc846f80cfc65c2be8fba3ec27a37aae32743b68c2
18037177fb3b5b24b138a42afeee4cc8a8fa31950cb09161685c2a947e332e4c
18344242ff477e6698f24b0211d53b9194cef9905ad67c8649e8a41ce614b415
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19e992bd1d3922b702e8df34080fc8dbd8b69a53d62e5baeba561b4ca1cbff6f
1a20e4bb8c542c653df5cee2158235429c95f4b66f12ad43c1b6fea37ffd08a5
1c159926d1e52c6823b5dec56b15cf59f9c87995511feffd43dadfeca6673adb
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1eead0d4142e685a5e4dfda25f1e00fed3f785b05b26490561d9f092f56efb76
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
26b2cbb09df7af8f20289b66af160a1b5de48821aa9b01169dad2b418f03784a
275ae15a92a8d310d7e55b834449ae3d2fc1118f217ef496b83ffc96b213c10c
2958c71ebe3c1c42c3bbdf4e4cda5173c82ec4289ff5d323cd961ffae93c1225
299f22af2b0ea344d731f734d58956380cc1b2280323f42080ec373aa0443311
2afec0c4be6e875346e9979c9bd17d8f3c8bd6cbf91f92a1488c040fdb0b31c3
2c0ed6a0b8047c8f410d6ce12819b6af035d37bf6d25546d18937cd749ceac89
2e3f54845516933ac435a01405cb2cb699d2f092e13910fcabf214b3fe8f78a7
2f10e00c3d8e89e458017a5383cc4ab4aa39567a222c7ef0ef0990e278e88927
2f441839a30400536a7929981076ef3a81faf302fdfef53922dad563c13e8af8
31cc3abe0ccc58832b033d98b03262bf538cd5a850e3b57612151d5282bb07f3
333e5118625c1a8832f283e066ac1f3dbbf676a75a3d8d858e4dfc72665f344f
397e6540378a195608cbd601f809c0c96b3ae9253fffeaf070769a8272838ad7
39cb48a7fce641831a65f395c68c9bab8afd438128a95765b5f40968122cf882
3ddaaa629d52d19b50e6a90e5937332d4308d189e9a55065b489213b8c89cb72
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ee8351e156e2e80d99018a585c18c0dbd9098e3bea84a131d8cbad1ec72c81e
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
412592b7bb8304b8589c68c8404d3e6438e8715249c0d1fa2e1bc8a23e0610f0
431662d41ca41dab60ef2e6e42054bcd7d42ea34336bc92c9ec96c21e9901e0a
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44d3228fb5ac93694629d8403e3b0b7bd0676318f6bdf35ce77fc12bfbc19a58
4839b7b89baae3d8b0be135d91d866b2fc7349d559fb6bba507e37f8c447fdf5
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4984c87f1eec6a753e4575a76d11ae77a06d658d7e8ba702b11c3b37b52a0890
4cdd8915b932a7542577e40be604465a2362ab1db586216d1c5bf77b92f17a9e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e4849329855f04b847b923fc72de03af0d9ab0c7d38e6dee9e92d84f5d33d6b
4e523a5ae5b4636c75901b79fafbd3912e41dc7987414e688b09d4b436ff22b3
4f30bdeed794aeb92d85e55d901c0bdb634df32432010792e3b569ea73cae443
4f5ee163094e2ea9d1c1b22a86489d97ce089095f29c347ce3684e06cb6f8bb4
4f6f8f356a938b1ebe20d35d7e556fe7086cc4032040cd4744721236d2026e84
50620886c101862d378bb6aafe054417e7b0b8a0892b55e15fbf0f745936a797
5112c6ee3e859c7c5c482b1160cae49d6d0db6c6083da8ffa8d6afcad3dd61b5
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3
54b06f69e274375ca3f0254673f2c1b79329479f7fac98e7f5de01d31d8e4722
56f727a22e798992fabc9c63625a88ad91bd22b4cd4cc1bfb4a5a5517156756d
59b7a9cb3679e50edb5507a836f0702a475a584c9b61c0eda64b0bcd20be151b
5d53af7f5581779027349076710a86f07b091794feae1b578fe54de28f756529
5da2153040772f13ecd9c2504e439f877264f3cff9f7065e13571dcd43e6b062
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
603d4933b5b4daac1429f4b6e4a0ca6e52c51acbff63991b375f315936d73ebb
6acb12ffbec935bad7832f11f79b7019c1cda2412c98cc6d05cf7bcb55add36b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d7e550df7f93b38ecd55cbacaf782a76d5a38a810f95c0c06b023954b73965f
705f5366abf38dbf00c210f0f4cfa0434cd0480a8bfa9619e5a5c75159610cdd
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
75481bc06d1b02e50fd1cc921a7838e3af6caa9b8c0745b50182ebf29f195e20
759cedf3d46970eb50d36263b0aeb88e6567294bb6e0e16f6f30f1ce116957a0
761d580b2c335ceb4b3e26b152cd788619a5e849b176883427acee378b0efe11
7c3bb686cf87c692323c53cdc32528edc686417d44700afd32888b39349f18c5
7d4e83ce54a3ff32d798fe13de3beec756a89b5d829dbacfbab8847d0b4f9122
7dcac2f73e2ea39db98f19c6cd3c8cbb0d495ad0efb15490ed303c343e9fcbea
7e28d79ce3a1befd2fe80c6ef959da62a50502a7bb058461ee7c5dab1cc51cc0
7e8df8e5fea8752e1707724b6a599480de5a927bdeace064dc4c37fb6ec50d24
81ef8aa9cfa550a9aedaa7b7203b1c823fcbeb36520c78708dfead7aa1625336
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
8ade4559ba0159fe586121f621bed885f04755e81a8d02e58eb7d0f9771afe2b
8c39ce2883aad8a36c4194dc053127b29efa1677cc12db45e805760c5d9f14d1
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18
90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88
956130a5128980106fbf0a389ac67dc012d91840bbdd52383b953ade75d52c65
95b17ad661699c049d42195b8ccd1d855045a1fcfbd20d8609a6d87fa5703810
965d121aacebda7612607d2dd6d58173401bcda631ad9cec87a82e9db5045321
99ecb14ec0a4e706ee386f1bde1a4684119fa8e100f24821f71f7fa75ccd481d
9a0d8323395438a027eea7f39a03d97690ca19e5608eee69ec73fcce56860232
9bac4e91f0dd4ba68e6f36393e9ae96540fdc6b5ad7979883b2e89fe70c2730d
9cc71e169f0661dfbc6230e5a704d39d124fe562dd4831494dc08364e0766c64
9f2d175484f52e1aa69e5f62ceda8e408db0c77eca4160f01dd9a605725e6c3c
9f7216d2f53a731d9749077c22e15cfb38bcdc40806511ccf736f440c7569d64
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b29455f863b7aebfa041f9af11274c512b11c75d424e5bc5ac349aeab8910312
b3aea2998f99cfec50422dd591f08fb0151a3d6460f2b4b8d152118cebdeda56
b5481b310796d051c8c07cb5e35fc34cf144e9e45c2e956dba641c0d8fe9a6ed
b6ab7ceb858b9c591f8d6fd6ddc631ddb3f622ed67fe5663d459dfd9d549e9ff
bec77d70dc0734024697b2fa504b24d32bd6bc78c4020534e453410b4deebfd1
beca3fb709f1e1b731c920433899763473bccb55d4e061bc1c5c762e240ee52b
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c06581b3e6b037d58efe06c7b007aaa5fd40c823e7fa9a581701f3ef947da51a
c0b2b3cbd10e65e0ca7d44a8d718c668b722057f7d9a6fd5e877c77029121f85
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
c6737709c313a368c991ae269dfb155fc9de69c03dcf9515b5e7525076d817d5
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c6f565d8631709c33ba7c11fd7b02f23f780ce7263ad03348e8f6baddc85e4bc
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1253d67e48346c133e06718bf1fcb1910357b59f0c8d34fbbe4fb9a297339e7
d3ac85662add00ea07d0f8db8946e50a2a8c4d403f379c69b5294ad99c252454
d878f562c11436051aa864b2419af363327b1d093b65928557dd66b83500b2ad
d9170d2f9cb8e7710d21e958aa483eceb147ce8b2ed4f6494ae977589dbe08ff
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dcf65ea58c77ad703d4bb54404fb73900992f892c84eaaaa4336f5213d2f464f
de55d20e82f2b29e90f7764a0aaab948eed2ae066fcd287cc79fd4466929c06d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e482a48fef03d183029fa2edf995fc8e9ce023f18649fd1d9149958e977068a1
e5bed23fd14a3a91bd05416552192286c4bfa2bce09805338004d7ad1fbfec3e
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e6498b058e63a32a40d7b5ec8dbf6dd716d46b1d364badb62fc8cdfc9054689b
e6cc91c910f7613382d4b94adf8fe4e292bf4cd72cf8c3ab767167b06fb5b76c
ed2724fa694861b0147c0138d3a758c585be0c695cd9f1d377b05037d16b6a18
eea03d418c531ef7ae172232ea4899a9636c8b48db86cf0eb594f7586518cb84
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0ba97b4709c484c0233fcc964a7d4a66f81e39357435001824d5c811ae6a37a
f1d54a983be77d6562d94b71952f1f509c43fb7bd84e03b277771c850efab3bd
f38a80a1420ad17e4f3ec2fb585d11afae9b9e4c6ec4b72660b295b740ebbe93
fb25d9cf3f0c9c7cd5ce86800b252cab0a997d14cacd3acb03ee64870eb15f1c
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
fd5d57c28747e1e8fbc1dda857edcbe00ecef258f0292171d745517af40b90c2
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e