URL: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Submission: On May 11 via api from TR — Scanned from DE

Summary

This website contacted 29 IPs in 6 countries across 26 domains to perform 163 HTTP transactions. The main IP is 2606:4700:3031::ac43:8cd3, located in United States and belongs to CLOUDFLARENET, US. The main domain is securityaffairs.com. The Cisco Umbrella rank of the primary domain is 556837.
TLS certificate: Issued by GTS CA 1P5 on April 24th 2023. Valid for: 3 months.
This is the only time securityaffairs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
43 2606:4700:303... 13335 (CLOUDFLAR...)
17 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 108.157.4.125 16509 (AMAZON-02)
5 192.0.77.2 2635 (AUTOMATTIC)
4 2a00:1450:400... 15169 (GOOGLE)
2 192.0.76.3 2635 (AUTOMATTIC)
13 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:224... 16509 (AMAZON-02)
1 52.28.99.188 16509 (AMAZON-02)
8 2a00:1450:400... 15169 (GOOGLE)
1 2a04:fa87:fff... 2635 (AUTOMATTIC)
2 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
23 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 5 2a00:1450:400... 15169 (GOOGLE)
1 2 2001:678:cb4:... 56396 (AMOBEE)
2 11 142.250.185.162 15169 (GOOGLE)
1 2620:116:800d... 16509 (AMAZON-02)
2 2 185.29.134.248 30419 (MEDIAMATH...)
1 1 35.186.193.173 15169 (GOOGLE)
1 1 35.190.0.66 15169 (GOOGLE)
2 178.250.1.9 44788 (ASN-CRITE...)
2 2 51.75.86.98 16276 (OVH)
1 35.71.131.137 16509 (AMAZON-02)
3 3 3.67.131.231 16509 (AMAZON-02)
1 1 193.0.160.131 54312 (ROCKETFUEL)
1 2 104.111.217.42 16625 (AKAMAI-AS)
163 29
Apex Domain
Subdomains
Transfer
43 securityaffairs.com
securityaffairs.com — Cisco Umbrella Rank: 556837
429 KB
40 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 107
tpc.googlesyndication.com — Cisco Umbrella Rank: 143
629 KB
24 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
stats.g.doubleclick.net — Cisco Umbrella Rank: 91
cm.g.doubleclick.net — Cisco Umbrella Rank: 234
152 KB
12 gstatic.com
fonts.gstatic.com
www.gstatic.com
206 KB
9 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 4217
adservice.google.com — Cisco Umbrella Rank: 83
www.google.com — Cisco Umbrella Rank: 2
2 KB
7 wp.com
i0.wp.com — Cisco Umbrella Rank: 3706
stats.wp.com — Cisco Umbrella Rank: 3022
pixel.wp.com — Cisco Umbrella Rank: 2761
86 KB
7 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 50
5 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 192
210 KB
4 google.de
www.google.de — Cisco Umbrella Rank: 5171
adservice.google.de — Cisco Umbrella Rank: 7680
1 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
285 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 324
2 KB
3 sharethis.com
platform-api.sharethis.com — Cisco Umbrella Rank: 4850
buttons-config.sharethis.com — Cisco Umbrella Rank: 5781
l.sharethis.com — Cisco Umbrella Rank: 4920
46 KB
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1347
459 B
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 798
674 B
2 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 674
725 B
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 505
2 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 949
r.turn.com — Cisco Umbrella Rank: 3697
869 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 806
759 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 356
265 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 6378
556 B
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 60165
608 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 740
463 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2495
46 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1044
611 B
1 gravatar.com
secure.gravatar.com — Cisco Umbrella Rank: 2127
1 KB
0 everesttech.net Failed
sync-tm.everesttech.net Failed
163 26
Domain Requested by
43 securityaffairs.com securityaffairs.com
23 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
17 pagead2.googlesyndication.com securityaffairs.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
12 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
11 cm.g.doubleclick.net 2 redirects googleads.g.doubleclick.net
8 fonts.gstatic.com fonts.googleapis.com
7 fonts.googleapis.com securityaffairs.com
googleads.g.doubleclick.net
5 www.google.com 2 redirects googleads.g.doubleclick.net
tpc.googlesyndication.com
5 i0.wp.com securityaffairs.com
4 www.googletagservices.com googleads.g.doubleclick.net
4 www.gstatic.com googleads.g.doubleclick.net
4 www.googletagmanager.com securityaffairs.com
www.googletagmanager.com
3 x.bidswitch.net 3 redirects
3 adservice.google.com pagead2.googlesyndication.com
3 adservice.google.de pagead2.googlesyndication.com
2 sync.teads.tv 1 redirects
2 onetag-sys.com 2 redirects
2 dis.criteo.com googleads.g.doubleclick.net
2 sync.mathtag.com 2 redirects
1 p.rfihub.com 1 redirects
1 match.adsrvr.org googleads.g.doubleclick.net
1 ads.travelaudience.com 1 redirects
1 gcm.ctnsnet.com 1 redirects
1 cms.quantserve.com googleads.g.doubleclick.net
1 r.turn.com securityaffairs.com
1 ad.turn.com 1 redirects
1 region1.google-analytics.com www.googletagmanager.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.google.de securityaffairs.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 pixel.wp.com securityaffairs.com
1 secure.gravatar.com securityaffairs.com
1 l.sharethis.com platform-api.sharethis.com
1 buttons-config.sharethis.com platform-api.sharethis.com
1 stats.wp.com securityaffairs.com
1 platform-api.sharethis.com securityaffairs.com
0 sync-tm.everesttech.net Failed googleads.g.doubleclick.net
163 38
Subject Issuer Validity Valid
securityaffairs.com
GTS CA 1P5
2023-04-24 -
2023-07-23
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
sharethis.com
Amazon RSA 2048 M01
2023-02-28 -
2023-07-18
5 months crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA
2022-11-14 -
2023-12-15
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
*.gravatar.com
Sectigo ECC Domain Validation Secure Server CA
2022-11-23 -
2023-12-24
a year crt.sh
www.google.de
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
*.google.de
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
*.google.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
www.google.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1
2022-08-09 -
2023-09-09
a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-03-09 -
2023-06-03
3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2023-04-12 -
2024-05-13
a year crt.sh

This page contains 18 frames:

Primary Page: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Frame ID: DB0AF1EE415C4D8EBDF76CCFF06B36D5
Requests: 90 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230509/r20190131/zrt_lookup.html
Frame ID: 1BC0869DCBBC59DB5CD6832546F9A74F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&adk=1812271804&adf=3025194257&lmt=1683813579&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x675_l%7C308x675_r&format=0x0&url=https%3A%2F%2Fsecurityaffairs.com%2F146061%2Fsecurity%2Fzero-click-flaw-windows.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683813579273&bpp=237&bdt=156&idt=460&shv=r20230509&mjsv=m202305080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7133123642753&frm=20&pv=2&ga_vid=1917688529.1683813580&ga_sid=1683813580&ga_hid=966607844&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44773809%2C44759876%2C31074432%2C44788441&oid=2&pvsid=3831289804630022&tmod=777591229&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=492
Frame ID: 8881FAAC4F1309D2C02FF107751DC92D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=224457671&pi=t.aa~a.3066112503~i.19~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1683813581&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146061%2Fsecurity%2Fzero-click-flaw-windows.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683813581195&bpp=3&bdt=2078&idt=3&shv=r20230509&mjsv=m202305080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D706a1144bd57dd3a-22de9e48c9dd005a%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_MZmdDArWMUQlUXvl6lXSAtK31x9Xg&gpic=UID%3D00000bf094afeda5%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_Ma4pu5hiKSwlUGTqWNiejK55eIDkA&prev_fmts=0x0&nras=2&correlator=7133123642753&frm=20&pv=1&ga_vid=1917688529.1683813580&ga_sid=1683813580&ga_hid=966607844&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44773809%2C44759876%2C31074432%2C44788441&oid=2&pvsid=3831289804630022&tmod=777591229&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=PT8s6eYWlv&p=https%3A//securityaffairs.com&dtd=12
Frame ID: 648198D2256B60D4A2002E30DF9754F5
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=600&adk=2697633112&adf=1762069438&pi=t.aa~a.2641062588~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1683813581&rafmt=1&to=qs&pwprc=8791289769&format=300x600&url=https%3A%2F%2Fsecurityaffairs.com%2F146061%2Fsecurity%2Fzero-click-flaw-windows.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683813581230&bpp=1&bdt=2113&idt=1&shv=r20230509&mjsv=m202305080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D706a1144bd57dd3a-22de9e48c9dd005a%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_MZmdDArWMUQlUXvl6lXSAtK31x9Xg&gpic=UID%3D00000bf094afeda5%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_Ma4pu5hiKSwlUGTqWNiejK55eIDkA&prev_fmts=0x0%2C630x280&nras=3&correlator=7133123642753&frm=20&pv=1&ga_vid=1917688529.1683813580&ga_sid=1683813580&ga_hid=966607844&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=1382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44773809%2C44759876%2C31074432%2C44788441&oid=2&pvsid=3831289804630022&tmod=777591229&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=71JHpnCwBE&p=https%3A//securityaffairs.com&dtd=6
Frame ID: AC599CAC62C3291541C9FE0FC0FD97E2
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230509/r20110914/zrt_lookup.html?fsb=1
Frame ID: AF7DFDF2151FACFF73386C6E86EB525F
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230509/r20110914/zrt_lookup.html?fsb=1
Frame ID: 7352F063A2F7307A7523F4CD989DBF9C
Requests: 7 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: B19420CFCA84F631803136BD2F234F52
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 2B30AD8C6A1B0A688244EB318E84854C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js
Frame ID: B5A02CA3D33382998F9BF76E8D0420A7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js
Frame ID: 5AA6A8E53B53746FBFB99B5F42C709D0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 00C3FA4CC4F2CCFECAC1FBCF4B1BD807
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 847BA2633EC38EC61048577FC465EEFE
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CBD618CF3958D633CF080303DB735277
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js
Frame ID: 805E51B8B0FCD7150A82D660BD6A6D2E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js
Frame ID: 6983D26AE8349D991AC1548BC59F55AB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E37823E481110F5E0C4CC5D46AED7DC2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F8F68F4E2B911F4359D56B7FD86F391D
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

A zero-click flaw in Windows allows stealing NTLM credentialsSecurity Affairs

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • twemoji(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

163
Requests

94 %
HTTPS

59 %
IPv6

26
Domains

38
Subdomains

29
IPs

6
Countries

2064 kB
Transfer

4914 kB
Size

23
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 110
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 135
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEEo-oWf12IIZyxynPCwwvwo&google_cver=1&google_push=ATf1kGMY9LBOaxUnEqtpcyaNeUlb2yRsungm_xHWGrq9YYzAvBTg0X8Q6unRQwa4ogDW4wx1iH_SCfyFcvE_w2cQvjTvvzf5p5BOxA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzc5Njg0NzE2NDgyMzc2MDMxNQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESED5pvTanEsrTb95omH65i44&google_cver=1
Request Chain 137
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELZPj3ahQDF1aZ5m7mDZ07I&google_cver=1&google_push=ATf1kGNjTRf8sVbVWxzf64Pl0sKA5j8qFwGhc8YjdinJz3dCHUJd0GPEQKPc5H8itQ6kqsogE_GTPEm8ManrEUKl3kVAYCxy5CllDw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGNjTRf8sVbVWxzf64Pl0sKA5j8qFwGhc8YjdinJz3dCHUJd0GPEQKPc5H8itQ6kqsogE_GTPEm8ManrEUKl3kVAYCxy5CllDw
Request Chain 138
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEN9WaLm07ocCorrjd-sAxwM&google_cver=1&google_push=ATf1kGPUfV6giua5eldMeR8zdnN0fgoPcPLCeyeemWnQ75xgTiA9Ct2p6jciXAI6cC-vCVRgx6fkfWz3GFhNrmzFiJ9PNSoC1To7fg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGPUfV6giua5eldMeR8zdnN0fgoPcPLCeyeemWnQ75xgTiA9Ct2p6jciXAI6cC-vCVRgx6fkfWz3GFhNrmzFiJ9PNSoC1To7fg&google_hm=M2CWb3LgQt6wvRW08C1O_4g
Request Chain 139
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEKA-kUtDkn78I0PSQ0ZHVIo&google_cver=1&google_push=ATf1kGO1m3M2I_rbjdVunAIoLRM9Nu38yMFdYc3U_TcrtQU8PA66BlQulmoHIKuyxIIOc87O9yXhQcmP6pjgs6DZOiyIriwxpKWJHRU HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=uq83n3MPT8u1e7n2KL_Vlw2&google_push=ATf1kGO1m3M2I_rbjdVunAIoLRM9Nu38yMFdYc3U_TcrtQU8PA66BlQulmoHIKuyxIIOc87O9yXhQcmP6pjgs6DZOiyIriwxpKWJHRU
Request Chain 141
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEIjZgk-3-nAMdAbSleGKG7E&google_cver=1&google_push=ATf1kGObCXw4zn9mnpHaPGJuHYrViP1Mbd9159nwQ6wTwKPN5iBe0ST9jr2PIWe16v8c1J6k4SFJq3qEArdMKI21AhnLkNF-jfABOoQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGObCXw4zn9mnpHaPGJuHYrViP1Mbd9159nwQ6wTwKPN5iBe0ST9jr2PIWe16v8c1J6k4SFJq3qEArdMKI21AhnLkNF-jfABOoQ
Request Chain 144
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 146
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEFvLSjeAnKqPhmTjCEN2Iys&google_cver=1&google_push=ATf1kGPtfvk8iNAFVNSMaZzR1ve07HNGhGEiCWD5fmoIv2RKkCDVT8tfP7LDwmS0q9JBz4EsgYTklyt6pd0oXn50lMBDGAp__jOnIQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGPtfvk8iNAFVNSMaZzR1ve07HNGhGEiCWD5fmoIv2RKkCDVT8tfP7LDwmS0q9JBz4EsgYTklyt6pd0oXn50lMBDGAp__jOnIQ
Request Chain 149
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEGs_8epMM7_yr3L55ISG2ow&google_cver=1&google_push=ATf1kGMeyMe-PE5RiNsMSdmB951PoJXX7810mmuL6kEmepH-SCe5ux1iIRBrUeH_TFJ7IAecOaw_Pjgz8BnkNyfRfQhemARWXBZDLA HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEGs_8epMM7_yr3L55ISG2ow&google_cver=1&google_push=ATf1kGMeyMe-PE5RiNsMSdmB951PoJXX7810mmuL6kEmepH-SCe5ux1iIRBrUeH_TFJ7IAecOaw_Pjgz8BnkNyfRfQhemARWXBZDLA HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=google&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5107433827822345355&expires=30&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGMeyMe-PE5RiNsMSdmB951PoJXX7810mmuL6kEmepH-SCe5ux1iIRBrUeH_TFJ7IAecOaw_Pjgz8BnkNyfRfQhemARWXBZDLA&google_hm=8Wf9mcSbRW6pW4JzrwoXoA==
Request Chain 151
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEMXhxBgF7aEYDv_DvkTERsg&google_cver=1&google_push=ATf1kGPoIcchLhNhwmSmGUGG_8dcfI75Mok8niRDDu6UcVjhlxwYKEODg6FSepolsZYZ_inLJLgr1lqEt-LE69ETyYe9xHNPwofi HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGPoIcchLhNhwmSmGUGG_8dcfI75Mok8niRDDu6UcVjhlxwYKEODg6FSepolsZYZ_inLJLgr1lqEt-LE69ETyYe9xHNPwofi
Request Chain 152
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEBLPONgkPh96XoJzYErXOQ8&google_cver=1&google_push=ATf1kGPsVT7LqPfkBfCold2n0q0uIdie2g8fGKBdI0mm2P1VSJPmSM_4nL3As5GQFoXG6KTik7aIFnbPY1eFA3OsOJvBCXxjZfUvm8M HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGPsVT7LqPfkBfCold2n0q0uIdie2g8fGKBdI0mm2P1VSJPmSM_4nL3As5GQFoXG6KTik7aIFnbPY1eFA3OsOJvBCXxjZfUvm8M HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

163 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request zero-click-flaw-windows.html
securityaffairs.com/146061/security/
85 KB
19 KB
Document
General
Full URL
https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5b08448c5f7e23a7de0c1eb3f33b9bd5c06fec0096eb0baea74267400b07baa

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-edge-cache
cache,platform=wordpress
cf-ray
7c5af19519a09217-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 11 May 2023 13:59:39 GMT
link
<https://securityaffairs.com/wp-json/>; rel="https://api.w.org/" <https://securityaffairs.com/wp-json/wp/v2/posts/146061>; rel="alternate"; type="application/json" <https://securityaffairs.com/?p=146061>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2FpEGzRN4qIs0srTmrJkZ2a5Bw7JcxFK%2BYLHgMJ2AJGkb2JtN4xvcuUkXle29tLcGW8h1rYIbxJXKis0Qcnjqyn0T6hTcA7Tvyf3gGKq5c4Opzox6qQ8%2B403LoE1O9P56EegkfLVEWzb55OGbi0jFPS1"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-pingback
https://securityaffairs.com/xmlrpc.php
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
136 KB
47 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4918072057181794
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6570eb1a62ef4617668b14c0bc9d38a555ca3c31b71e45f6eb8b3565d15f509c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
Origin
https://securityaffairs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:59:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47605
x-xss-protection
0
server
cafe
etag
4805800718770011264
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 11 May 2023 13:59:39 GMT
style.css
securityaffairs.com/wp-includes/css/dist/block-library/
95 KB
13 KB
Stylesheet
General
Full URL
https://securityaffairs.com/wp-includes/css/dist/block-library/style.css?ver=540fd913fdda078d6087769568ea9bcb
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1009b5a8852ca3fdbdacabac3778cf9dea8f91a58d36466a5fe20d0441ead1f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:59:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
550138
cf-polished
origSize=104503
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 29 Mar 2023 22:54:43 GMT
server
cloudflare
etag
W/"6424c1b3-19837"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jhDMO7wT4n1y3IhVbTJY6V5s%2F0M7NMcVnRKAefPaG79YLF2XuqysSPWJ1zPPSutT%2FkAkKGIsCyG%2FKRnS8g1ajdwHiSpbme1ZD4vEwhyqkT%2BHGGc1NANm7nfzXvzY4IkplFkNDwVTLO9htTi8yfLrHsXZ"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7c5af19589f69217-FRA
expires
Fri, 12 May 2023 05:10:41 GMT
view.css
securityaffairs.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-videopress/build/block-editor/blocks/video/
2 KB
1 KB
Stylesheet
General
Full URL
https://securityaffairs.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-videopress/build/block-editor/blocks/video/view.css?minify=false&ver=317afd605f368082816f
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95d19d87f29a6ea4e274e3681e839eac392e30647f4d373841c3c9c30749b64b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:59:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
312048
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 07 May 2023 22:37:52 GMT
server
cloudflare
etag
W/"64582840-64a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BbJtbAlv%2BhCqbw%2BlikU%2BLz9PA3EnkodLdnd5kfbWfrBg8FXApFZ0n5RpAf85Frj%2FFFl83XJtDuLJLKHz39PCqtJU1qC48nBTNGh5jeoioBpcjqfChRRVg7brxXMXeJd%2FZTKZmd74thMi8m6cC6Iqv4ut"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7c5af19589f79217-FRA
expires
Sun, 14 May 2023 23:18:51 GMT
mediaelementplayer-legacy.min.css
securityaffairs.com/wp-includes/js/mediaelement/
11 KB
3 KB
Stylesheet
General
Full URL
https://securityaffairs.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:59:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 09 Dec 2020 23:31:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
193060
etag
W/"5fd15e34-2bf8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qveOAA7INpZaA1jiwbqofJNLN6AFCwcn7Qg14SZRhKf7cAZpr9ER0DFfdIDrUzVqbS41fpOWgFFhIfWDQqKlcAIkIueGtAmS7t0KG6TKjQQyKg9s0w6B5uexlMkAcBcEFnOkxkEXFGhUfKswIYX0jlTG"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7c5af19589f89217-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 16 May 2023 08:21:59 GMT
wp-mediaelement.css
securityaffairs.com/wp-includes/js/mediaelement/
4 KB
1 KB
Stylesheet
General
Full URL
https://securityaffairs.com/wp-includes/js/mediaelement/wp-mediaelement.css?ver=540fd913fdda078d6087769568ea9bcb
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4485dc3684588728bba3e5fbbe902c36ad1ec1b47480cc62c911a9403bafecc3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:59:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
550138
cf-polished
origSize=4960
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 13 Nov 2019 23:52:08 GMT
server
cloudflare
etag
W/"5dcc9728-1360"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ogoTDkfSFrEsj7hmK6u226QnPwxLrysT1FkoocPFEQHjlFyst5TNCbL2rc%2BY6hZqqZbUfpof8n0f0rVZ4IY0L80wk1yVtZybm65YZnIxOL4hfuDnVWiAa4ef4uLYGBpcD2t%2FVBjiYmjqsEI46Szpe5xk"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7c5af19589fa9217-FRA
expires
Fri, 12 May 2023 05:10:41 GMT
classic-themes.css
securityaffairs.com/wp-includes/css/
257 B
496 B
Stylesheet
General
Full URL
https://securityaffairs.com/wp-includes/css/classic-themes.css?ver=540fd913fdda078d6087769568ea9bcb
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5ea1f3c6951b71eb83050cd630f9c7c1c736b5b277d38a0e4465d80a5e53d4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:59:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
51398
cf-polished
origSize=729
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 29 Mar 2023 22:54:43 GMT
server
cloudflare
etag
W/"6424c1b3-2d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rlf7nMO5Sc%2BWQasWNYHPGyo0D9iCyrttbIAjIv%2F0IuLuvsv4EQ3mOgXX2vbcDnxQ5afMnxz%2F5XDY0mnziX8wLIJW6k%2B8RhXXMTJ3kEkpc8pnpZkRaF8LT5e0q2sms4IhcQflYQGYGFNM%2F4Pw6NG%2Beb7C"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7c5af19589fb9217-FRA
expires
Wed, 17 May 2023 23:43:01 GMT
cookie-law-info-public.css
securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-public.css?ver=3.0.9
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1f4247657f994f6c9520c982ab95f953ee1c052706594d74f521cae670cf8be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:59:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
481993
cf-polished
origSize=3106
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 28 Apr 2023 22:52:14 GMT
server
cloudflare
etag
W/"644c4e1e-c22"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=APL6mVWynwKn%2Fc6eCTjo%2FqJ0j4t7yB4opzlV%2B9tyx4Dh53YPePprZ7zXV6V4WCvnE5oKALUg%2BH17UUB%2F%2FG6vw2wFv9NzcdFJLyTEGutznKca55RvGwsDlOYLJRFE0AevUs9uVaJsJuwIRunx0eEClVS7"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7c5af19589fd9217-FRA
expires
Sat, 13 May 2023 00:06:26 GMT
cookie-law-info-gdpr.css
securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/css/
22 KB
4 KB
Stylesheet
General
Full URL
https://securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-gdpr.css?ver=3.0.9
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d0ee8b9f5976ae2dc3eefb7aace301d8540ad3d5f01c88f5049b3b7257a1d2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:59:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
481993
cf-polished
origSize=27249
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 28 Apr 2023 22:52:14 GMT
server
cloudflare
etag
W/"644c4e1e-6a71"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UAaaUGx2PdyqOiA6o0KPJu2%2BbtWC9K2e9EAcTYk%2B5JfKBylM0cWBOod4gq08x9KdyCE%2BmdHkHwygZl8PwKd78MYKiDVUfMMFUGreIUW57j9wNfHY0oP5TIRtxbhnMOjsf%2F00D6INCx9TjXdTrkxguzMR"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7c5af19589ff9217-FRA
expires
Sat, 13 May 2023 00:06:26 GMT
custom.css
securityaffairs.com/wp-content/themes/rigel_old/css/jqueryui/
15 KB
3 KB
Stylesheet
General
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/css/jqueryui/custom.css?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b33e3ff7c01e9eb947faf1bd0dd31d3d210ff9fdf809f2db3938b5b865b9cc31

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:59:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
193060
cf-polished
origSize=19858
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 16 Dec 2015 13:54:59 GMT
server
cloudflare
etag
W/"56716d33-4d92"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=INR4yX%2BS60JPLvE3CCSRAsN8rQwc9ynM7Q3N%2FxieOaVWDVgt25z%2BGEkD5cSzUUXCXBJFZQGfiI9RSvumfStVbbTMuxPN%2FOj3z2eAAgm6HNVAL6QHgdC%2B4%2FRnPaLGt5XqtBNLF%2B08ciFyX9LV5wjAEGbc"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7c5af1958a009217-FRA
expires
Tue, 16 May 2023 08:21:59 GMT
tipsy.css
securityaffairs.com/wp-content/themes/rigel_old/css/
461 B
673 B
Stylesheet
General
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/css/tipsy.css?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0255909b7cb5511843e8e9d6414f99d023237cdb954705d68c4ff0d3cd752d6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:59:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
193060
cf-polished
origSize=539
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 16 Dec 2015 06:58:04 GMT
server
cloudflare
etag
W/"56710b7c-21b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7oS1%2FajErtckUuLg%2FmGAixxx3p4TA2HvYf5sv8gWSEScWcgYKBzEIXLECoU1R%2BLfIdfsaJwkDLIyDPwQoNoXP5F9MN7BAME5J35XaWelrLunwJvvyzNzxvEHvebBkoWTDlcd6byC26UFa4sBSRZkKDDz"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7c5af1958a019217-FRA
expires
Tue, 16 May 2023 08:21:59 GMT
flexslider.css
securityaffairs.com/wp-content/themes/rigel_old/js/flexslider/
5 KB
2 KB
Stylesheet
General
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/js/flexslider/flexslider.css?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
751ae0b0e7b20fc45203c90e0c3391e1aa983f57327fb31d96dda46f7232ad45

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:59:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
193060
cf-polished
origSize=6225
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 16 Dec 2015 13:55:09 GMT
server
cloudflare
etag
W/"56716d3d-1851"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XGIsyu5IMYyNdJ0yDR%2FC5PGrDjNbe62IfueyTSqbyYVhVw9Yf%2FrVkNmu4fI%2FzXoLjMFUomK5GSq%2F5CwJLL1gzW9s5f1%2BV0yad811%2BwijGx3vvFk5hkFpFqAF1vuGK45%2BSr32skWDuVZmhBJlLtPaEH4%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7c5af1958a029217-FRA
expires
Tue, 16 May 2023 08:21:59 GMT
animation.css
securityaffairs.com/wp-content/themes/rigel_old/css/
1 KB
687 B
Stylesheet
General
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/css/animation.css?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5643c5e548ec3aab5786c3845bce65a8ab30d48b62ba2586373ff84589ea13d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:59:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
275446
cf-polished
origSize=1716
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 16 Dec 2015 06:58:02 GMT
server
cloudflare
etag
W/"56710b7a-6b4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cX4Ng7uYRVM5cOIjPs%2B%2Bk7nmewhUfYshTs7ofCoYLMBPGf2iz%2Bk%2FfPSQGRRRM%2B7F4N0eL9P8zRGoIlJfoA8e1xJUeinaVY1g76YHXTa3N9sBybpcixXaXm65ukxzPmUvaEE74P6HPLCSal6ez75QetdB"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7c5af1959a079217-FRA
expires
Mon, 15 May 2023 09:28:53 GMT
font-awesome.min.css
securityaffairs.com/wp-content/themes/rigel_old/css/
17 KB
4 KB
Stylesheet
General
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/css/font-awesome.min.css?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b12c1cd811f54d11bfdcb5e235e73934a8b8a7a85eafb8529117f9a5bb64ccf8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:59:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 16 Dec 2015 06:58:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
548340
etag
W/"56710b7a-4574"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9fkD%2FWzBlTfVOcgr%2Fb%2FQSD5TAEnrb7%2Fi4MPQRClaLgjayVpP2A%2BAEKsoA44Vxbsem%2F5LMY7WAOazrFOBf4SIHyOBSBhfCDvBQ9Apu2bzyZ0oL90gM222M4SAGSPc3xVfilJnEwee0pZ7258TjXTEXj0O"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7c5af1959a099217-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 12 May 2023 05:40:39 GMT
swipebox.css
securityaffairs.com/wp-content/themes/rigel_old/js/
3 KB
1 KB
Stylesheet
General
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/js/swipebox.css?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9b6164ccc60fa98562a1d315d63a961a7ffa16183117a6a5f6d5bf3893283c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:59:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
193060
cf-polished
origSize=4493
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 16 Dec 2015 06:58:18 GMT
server
cloudflare
etag
W/"56710b8a-118d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EN%2Fq%2FOSsOGOUT%2FoMVVxju60ry3XypQWPfwAOspVBZLL9kyJGXw4J9eJlQoMHlYGmmdLjW%2Bt4aabzRvtYGv21XCgIUo1O5w8dWnJzQ8yBYNLhXSzWwK5TJ%2FlS%2BOnlRnooB4APjv3b7LFDAhqBY37oF%2FjN"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7c5af1959a0b9217-FRA
expires
Tue, 16 May 2023 08:21:59 GMT
jquery.circliful.css
securityaffairs.com/wp-content/themes/rigel_old/css/
264 B
446 B
Stylesheet
General
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/css/jquery.circliful.css?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28275dbcd3747f460a53102bb9dad566db20349335371cef756c72f4ab155431

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:59:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
193060
cf-polished
origSize=334
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 16 Dec 2015 06:58:02 GMT
server
cloudflare
etag
W/"56710b7a-14e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SHtFybRYPuxPMboAxFeLBdorClJ%2BqF6D0QApYQqyAXDblU9u9EGTuS9L9moXAVxKh8ZYgpC60C4itfKcgjuQnx8otePN8Q9nQqpODr4HdBH9JZ9hPASSdsMUMdmPnqr4NX%2BHG6s1RhEN1%2BkBqW0Ludpn"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7c5af1959a0c9217-FRA
expires
Tue, 16 May 2023 08:21:59 GMT
screen.css
securityaffairs.com/wp-content/themes/rigel_old/css/
95 KB
18 KB
Stylesheet
General
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/css/screen.css?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a04aa9666a49a1c434d7e44268f399e0c1dc1b306a2cc6f3414551364c217b4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:59:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
193060
cf-polished
origSize=112708
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 16 Dec 2015 06:58:04 GMT
server
cloudflare
etag
W/"56710b7c-1b844"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v76HOY91j5%2B34fwrbZXJ8r6HUwF36RMhWvTMFVbLxV57v3HEJSgi0dcHxyzXpfZPKPrEksteEmjy5sThuxDSLNfK5WH%2FLnbgXqliUlNcMW4623j0SiteJpD2iJK5zT%2BUuADgCiBJmkT4ZgmLAJ5IYQNd"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7c5af1959a0d9217-FRA
expires
Tue, 16 May 2023 08:21:59 GMT
custom-css.php
securityaffairs.com/wp-content/themes/rigel_old/templates/
12 KB
2 KB
Stylesheet
General
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/templates/custom-css.php?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18d61b5ee68a57bd7a4733f776f9f8aa5c353e7f35a420881523b6edbf7c6b19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

cf-edge-cache
cache,platform=wordpress
date
Thu, 11 May 2023 13:59:39 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lgq8R2Vg1Bfld3YiO5ZuDJsPr83bzZGwr%2BJ9NYt1wD9Z5E2Om2b58hyV51GWSo7tU%2FFRuQ1dS2EauKoNPp3WZqigHVK9CL4cpMJvMcSOzOLzzjFKd4of9p9zXBl348IbTKm2r0mu6SdNF%2BQvjNEafEWr"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset: UTF-8;charset=UTF-8
cf-ray
7c5af1959a0f9217-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css
fonts.googleapis.com/
9 KB
910 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400italic%2C700italic%2C400%2C700&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Ccyrillic%2Clatin-ext%2Cvietnamese&ver=540fd913fdda078d6087769568ea9bcb
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
77a97368f8991ef6bcba68e58a58f0aa3aaa1e61b687bb5f2c7930d12800de13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
Origin
https://securityaffairs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 11 May 2023 13:59:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 11 May 2023 13:58:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 11 May 2023 13:59:39 GMT
css
fonts.googleapis.com/
3 KB
889 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C400italic%2C700italic&ver=540fd913fdda078d6087769568ea9bcb
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
699e8cb3d0af7f12172315152a58cf8154526ddc2ee3d29ed8861218e9cf91a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
Origin
https://securityaffairs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 11 May 2023 13:59:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 11 May 2023 13:44:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 11 May 2023 13:59:39 GMT
css
fonts.googleapis.com/
4 KB
683 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Playfair+Display%3A400%2C700%2C400italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Ccyrillic&ver=540fd913fdda078d6087769568ea9bcb
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e63ce5b7ed21eed9e79e149fd15071f7d52af26b7b50b23af810cfe3b50f7a1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
Origin
https://securityaffairs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 11 May 2023 13:59:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 11 May 2023 13:59:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 11 May 2023 13:59:39 GMT
css
fonts.googleapis.com/
4 KB
659 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Oswald%3A400%2C700%2C400italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Ccyrillic&ver=540fd913fdda078d6087769568ea9bcb
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c31c872bd1b263e86b8127059907e0c7e94c0985a85acd24d856f4d9aa294db9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
Origin
https://securityaffairs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 11 May 2023 13:59:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 11 May 2023 13:59:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 11 May 2023 13:59:39 GMT
grid.css
securityaffairs.com/wp-content/themes/rigel_old/css/
43 KB
8 KB
Stylesheet
General
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/css/grid.css?ver=540fd913fdda078d6087769568ea9bcb
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5133a1035cbf203be573cc6e15a2d4f8477b62568bea772b2192dc68c4980e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:59:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
51398
cf-polished
origSize=50674
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 16 Dec 2015 06:58:03 GMT
server
cloudflare
etag
W/"56710b7b-c5f2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2aYLODFdFp2dvFzgCI4gFjlObCtl3tq%2Bjuaf1kat2t01lnVNy5mGlspVk2lt9MlAlViilf%2FuODurnb6izRMK9mW3hPeKMkQ1mc4%2FBjvB9j%2BTGlzxHz%2B8TKdfapS%2BSTzewHp0Tl%2BS%2BtkkGn05eVVMPZI4"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7c5af1959a109217-FRA
expires
Wed, 17 May 2023 23:43:01 GMT
sharing.css
securityaffairs.com/wp-content/plugins/jetpack/modules/sharedaddy/
16 KB
3 KB
Stylesheet
General
Full URL
https://securityaffairs.com/wp-content/plugins/jetpack/modules/sharedaddy/sharing.css?ver=12.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a93c1ac24fad6ffb0de84e1f56b111e8b177d68a2948ffe1c87d9c02bb68b2d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:59:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
311380
cf-polished
origSize=19408
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 07 May 2023 22:37:52 GMT
server
cloudflare
etag
W/"64582840-4bd0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SG8T4bEECC1xi2dsyWOg%2BXLjKmJ9LzSnmYk69OxDaoUq%2BfFq7iunDhE2wKUebT0GJHsDmMg6XLldP%2B01BYS1kHbHYXF8oTmQTCsBOwoG3Ii5gwt5RWe8asnv5lJ9jnD8tEwmoqRq%2Baso9oTQME9a1olH"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7c5af1959a119217-FRA
expires
Sun, 14 May 2023 23:29:59 GMT
social-logos.css
securityaffairs.com/wp-content/plugins/jetpack/_inc/social-logos/
11 KB
8 KB
Stylesheet
General
Full URL
https://securityaffairs.com/wp-content/plugins/jetpack/_inc/social-logos/social-logos.css?ver=12.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee86b02e97bfb8f83af87a4f7991c713e1e90dce091524c0c675b393091b6ff7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:59:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
311379
cf-polished
origSize=12101
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 07 May 2023 22:37:52 GMT
server
cloudflare
etag
W/"64582840-2f45"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B0qi8YHPIs4Puae%2BaiSbu2%2BUOJZHbkx%2BvObD%2B8TI5dObr13Nw5GgrIH%2BSv2MRsPBVK86We4tUsApWFbdUQ3XTnexfgoUDRj3WF2H9dsMDCVUJUarwgTkhcjol%2FOAuAnoeX%2FqsbAV9JlcO2iXltL%2FMb0%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7c5af1959a129217-FRA
expires
Sun, 14 May 2023 23:30:00 GMT
jquery.js
securityaffairs.com/wp-includes/js/jquery/
142 KB
42 KB
Script
General
Full URL
https://securityaffairs.com/wp-includes/js/jquery/jquery.js?ver=3.6.3
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73e52be898a7afbbfa119fdb5a95ca82c2b914da8d756404f7e5c7e0b6ff1928

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:59:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
51398
cf-polished
origSize=292478
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 29 Mar 2023 22:54:43 GMT
server
cloudflare
etag
W/"6424c1b3-4767e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3K7Bw3QM1mnLNLCgeUKgnUXSUvpL5tF3t5A78JdIVllcN%2F%2BcFtBn3tc6EONhgY0dz9T1HlB8ShHVDpx3hjNmjQM04mVnvyeh4Xyu8%2FHQ4tnl60%2B9o4CT2W%2FnTuwkBZ%2B8EOPs%2BI2qDqMHuldcts%2BNrMRp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7c5af1959a149217-FRA
expires
Wed, 17 May 2023 23:43:01 GMT
jquery-migrate.js
securityaffairs.com/wp-includes/js/jquery/
18 KB
6 KB
Script
General
Full URL
https://securityaffairs.com/wp-includes/js/jquery/jquery-migrate.js?ver=3.4.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c4baf058901663c6879894c0067cf923fa200cb95a0a4c25b1471a62c2a63c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:59:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
51398
cf-polished
origSize=30789
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 29 Mar 2023 22:54:43 GMT
server
cloudflare
etag
W/"6424c1b3-7845"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MZ%2BfnV0I3Nh4YZKZl8BjWb84h5GAUybBF1IgfxFNzazD7iCcrcQghB3hjxOc6R98UFiTacYlRhNls60HC4ZBocCglrtkcCPT7oGeMmYr6M6J1r2z2V3TqfO3toEMu%2F1QtGmt1GcroFKO1A1NOC8kSVk2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7c5af1959a159217-FRA
expires
Wed, 17 May 2023 23:43:01 GMT
cookie-law-info-public.js
securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/js/
27 KB
7 KB
Script
General
Full URL
https://securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/js/cookie-law-info-public.js?ver=3.0.9
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9701e3cc721b444361494b8586b90ce11a0a0fc7964c0220e2263dd836d0a254

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:59:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
486254
cf-polished
origSize=34179
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 28 Apr 2023 22:52:14 GMT
server
cloudflare
etag
W/"644c4e1e-8583"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7iqSDJJ53BhgjxopYWsbzUQCIvtFGC5WsFaKG6MWTltSGglCRsEUtZJ2udEhj4opwm9SnQiBKmppRzS6RfQSOSW1Vn6xswj6uhyLo105jTlJRWIBBWEnVqeyE2165JvEGI8aZQWcxSseg2tpMAtyFrQ%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7c5af1959a169217-FRA
expires
Fri, 12 May 2023 22:55:25 GMT
sharethis.js
platform-api.sharethis.com/js/
201 KB
45 KB
Script
General
Full URL
https://platform-api.sharethis.com/js/sharethis.js?ver=8.4.6
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.125 , Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-125.dus51.r.cloudfront.net
Software
/
Resource Hash
47d522563a9f514094ee94ebcee33b1ab88ba91d5639393beecd18be1fd27c15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:55:04 GMT
content-encoding
gzip
via
1.1 b0067143f1e1520182fe27b53cced2a6.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
DUS51-P2
age
313
etag
W/"32234-AoJ3k+MJOOKcahR2z6uk+gkFH+s"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
edge-control
cache-maxage=60m,downstream-ttl=60m
cache-control
max-age=600, public
x-cache
Hit from cloudfront
x-amz-cf-id
8Km-dwy74xxP8nGEn_Y7h9TAuosT3gFBLZxuctuUXOHrkttXxVnbfw==
image-33.png
securityaffairs.com/wp-content/uploads/2023/05/
61 KB
61 KB
Image
General
Full URL
https://securityaffairs.com/wp-content/uploads/2023/05/image-33.png
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27b011cf9ead3918926e26d088502758cc32fc28d33abc3a7617236ccaf6a8b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:59:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3431
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
62382
last-modified
Thu, 11 May 2023 12:23:57 GMT
server
cloudflare
etag
"645cde5d-f3ae"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7nzZe6l%2BfXOS9xaNM3LsD8gF%2BCKgKCBVsSPfuusfW5Rg5wmtpBhpxgC8ygllwRKQC1ClhcdUsUQ%2FYYDb%2Ff92Y6X%2FC4e8h2xn8vAygM3gegzPnhV5e8vUDbmCYJul8SJx4iLfvu7O2jbBw6%2FP%2BEG%2BazGE"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
7c5af197edca9255-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
image-32.png
securityaffairs.com/wp-content/uploads/2023/05/
113 KB
113 KB
Image
General
Full URL
https://securityaffairs.com/wp-content/uploads/2023/05/image-32.png
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00f5745662458cf2de267fcb9f663214d0809e064dc2310072a6f8b1739bfb4c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:59:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15741
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
115493
last-modified
Thu, 11 May 2023 09:04:24 GMT
server
cloudflare
etag
"645caf98-1c325"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cfRrHAjR8OchkAwlbW7unZLM8f26GCuLvtoKVwnZrYZB0HL3itXbukDN4XrKQ%2FJYVjsYWjzUJGfjJEQPEaIufpABBwzilKnYscnFwBJX1JqfFOPyikDj%2BhyUX2pHqvz1VHUWq9JlFtywJCaUZJOMJZzi"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
7c5af197edcb9255-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
image-28.png
i0.wp.com/securityaffairs.com/wp-content/uploads/2023/05/
14 KB
14 KB
Image
General
Full URL
https://i0.wp.com/securityaffairs.com/wp-content/uploads/2023/05/image-28.png?resize=300%2C300&ssl=1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
fbefb7a1468c18b746b0bc77f66da5ed989ef3c94ccbe74563081e193f81a8c3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Thu, 11 May 2023 13:59:39 GMT
x-content-type-options
nosniff
last-modified
Thu, 11 May 2023 07:03:35 GMT
server
nginx
etag
"ff16b78f8287979e"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.com/wp-content/uploads/2023/05/image-28.png>; rel="canonical"
content-length
14308
expires
Sat, 10 May 2025 19:03:35 GMT
email-decode.min.js
securityaffairs.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://securityaffairs.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:59:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 28 Apr 2023 14:11:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"644bd41c-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gUvnfl1I7CxdGZC%2FNN9v2cJ%2FK8Ht3eLhqQ7qmXSeDBIanjvYYXRadTNdUAlIGcUZrsRM3aOJwYewmVVJujVKwaBeo0JtHw8HM3fOWWlw4KQyVhGjEthw5WRIgpPpHsjhfq1rpIVB9ZlolwxU6oyswP%2Fw"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7c5af1966c4b9255-FRA
expires
Sat, 13 May 2023 13:59:39 GMT
js
www.googletagmanager.com/gtag/
244 KB
83 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NPN4VEKBTY
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
de4da7cafb54bd5dc09d4f57132c6b3924ea775c9b15350c926bf67b3a4c69ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:59:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
84993
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 11 May 2023 13:59:39 GMT
photon.js
securityaffairs.com/wp-content/plugins/jetpack/modules/photon/
927 B
955 B
Script
General
Full URL
https://securityaffairs.com/wp-content/plugins/jetpack/modules/photon/photon.js?ver=20191001
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a37deb9dd04cdebb5a80730395780332c03ec667693b3ddb06d8983157679d64

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:59:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
279228
cf-polished
origSize=1760
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 07 May 2023 22:37:52 GMT
server
cloudflare
etag
W/"64582840-6e0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LcObLBFohjMIH5TIn1LzGdJrsJ63tDEYVIkAIiZzTgEaHd07r7Ex8P4y1gTH7tLjTxMaTBCb9H28gObBVnkOXilAKQNOXHU5XjstQGohYskZLtdCTTRRsE9h1VgkrUNVbv0M4YazUvFvoHIcGgvdvdQd"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7c5af1968c6e9255-FRA
expires
Mon, 15 May 2023 08:25:51 GMT
ssba.js
securityaffairs.com/wp-content/plugins/simple-share-buttons-adder/js/
2 KB
1 KB
Script
General
Full URL
https://securityaffairs.com/wp-content/plugins/simple-share-buttons-adder/js/ssba.js?ver=1682722338
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90b1f6082b0cf09c59ad2a5b87d3e0ab87eadf37c9b0b791318adfaae1a4b0d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:59:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
481919
cf-polished
origSize=3110
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 28 Apr 2023 22:52:18 GMT
server
cloudflare
etag
W/"644c4e22-c26"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bW0%2FIRmwt%2Be2MTjY3EzKNYdHXJj9nI5tWsVsStlT2YYx0biMiZL3GLRXmMFF%2BA1X68RUwL1lS1wOF2M4guUfwVE1BuE2gbi2%2B0mLIupeE9D1INEpYJkdRK34L2u9fsTFuXp%2BpsOb1nm7BFlQU4lyVS5n"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7c5af196ac869255-FRA
expires
Sat, 13 May 2023 00:07:40 GMT
hint.js
securityaffairs.com/wp-content/themes/rigel_old/js/
467 B
786 B
Script
General
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/js/hint.js?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
914c2c38bcf8be8ae0bb37e800573341c8134e54b5ced5303c1d3f172d7e6c96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:59:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
199065
cf-polished
origSize=987
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 16 Dec 2015 06:58:17 GMT
server
cloudflare
etag
W/"56710b89-3db"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aQqzUa%2BcXpAZwz9lxyjs5wBteyLsGQAn%2F1aSzOQGoMjMj%2B7CMfG2Y9Q5lzm5Pzqk65G4bGhdWD6B%2F5P10tjDMyt443PYlE67qndmD3j1k7ilJrWvZvCqBKPjiZ2aRgZYh80fcnZEl0IL2%2Fsop8dvmslD"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7c5af196cca69255-FRA
expires
Tue, 16 May 2023 06:41:54 GMT
jquery.tipsy.js
securityaffairs.com/wp-content/themes/rigel_old/js/
2 KB
1 KB
Script
General
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/js/jquery.tipsy.js?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3570b0809823e912b040bb8d99048d5e85ceabf830ef064e306c0a1901a08e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:59:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
197184
cf-polished
origSize=4371
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 16 Dec 2015 06:58:17 GMT
server
cloudflare
etag
W/"56710b89-1113"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2BD2LeaM4GKuJNk0KCTP2o9eBKoRC3fkheM4%2FRMyqbvmItw03DRh4F4CFMk1pR9vx2jnexlUiAQuXVvVbtctJliNuwmk845xv9FS1O4yS%2FNfcanIW9BCFjfKUFPjde8VqrVHvzWAoHaLpFolVhQ%2BGzvw"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7c5af196dcbf9255-FRA
expires
Tue, 16 May 2023 07:13:15 GMT
jquery.easing.js
securityaffairs.com/wp-content/themes/rigel_old/js/
4 KB
1 KB
Script
General
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/js/jquery.easing.js?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aea607f39789d4cc03dd33d5518a1e53d419c379c618b7a19d6e3a06f4f14d56

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:59:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
551112
cf-polished
origSize=8097
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 16 Dec 2015 06:58:17 GMT
server
cloudflare
etag
W/"56710b89-1fa1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F9MtozxwaIxs9SmS63IQReZ3m283p1RhUmZfQoeckpbOa%2B4ZjV1SOzEBY29QtrVSBAKMB3%2BoQDjC%2BPilh7ni6ahMWG7EMNK85N%2BHMMVHJ4r%2BFDMRTFqO79ywRPHJPFbC9LEiZc1usOCPXrb3mfL4ua%2Fl"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7c5af1970ce69255-FRA
expires
Fri, 12 May 2023 04:54:27 GMT
browser.js
securityaffairs.com/wp-content/themes/rigel_old/js/
2 KB
1 KB
Script
General
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/js/browser.js?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bea141b0e1c016faface442cf56dae318f97789bea95d633da28014d5233a934

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:59:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
560976
cf-polished
origSize=2614
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 16 Dec 2015 06:58:16 GMT
server
cloudflare
etag
W/"56710b88-a36"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qS6EJggEmAb06mVkAX2aJtaHzKdIWmMNVnc2ZKQ79%2BE0bFv%2BZOFfzaVf3%2Bwo0IxvemvSXeKpTPP8hvpTKXlQICp1gfemdVIr3hcUiB%2FZzYsWCUFgKuh2XOk7k9oi0ONeh6gSg71piNNaPOa%2FZiRWJK3M"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7c5af1971d049255-FRA
expires
Fri, 12 May 2023 02:10:03 GMT
jquery.flexslider-min.js
securityaffairs.com/wp-content/themes/rigel_old/js/flexslider/
21 KB
7 KB
Script
General
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/js/flexslider/jquery.flexslider-min.js?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45185c8f6cd2f9b42e3a02b78af40edc7d61328fac3167a0490c9c69bbecaaa6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:59:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 16 Dec 2015 13:55:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
38357
etag
W/"56716d3e-53ae"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Rb0Z7T9WnR7O%2Byl5p9UeFUpGOkR7COxxCIkIulRrdTGOoCQS8OwNaS1QEUvvCDoMewj72VrcArMUdcPf%2BWadiID9o2cME9FBUYUnl7XkNXuBFp9SdGFBbYq8sAJfHkzQpW8QUW%2FTd0y%2F268VU86XLIw"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7c5af1972d269255-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 18 May 2023 03:20:22 GMT
waypoints.min.js
securityaffairs.com/wp-content/themes/rigel_old/js/
8 KB
3 KB
Script
General
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/js/waypoints.min.js?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0fded691aed767f851011cd3185b928619298a21a0fbdad4808a9e88b490833

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:59:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 16 Dec 2015 06:58:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
196744
etag
W/"56710b8a-1f6c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w9MOQGG6gIbfcFZVurm%2FyA3D8kOO47p2ZYm4D3k0C83C82As4y1vvtlm0DsKLul%2Bu5uZkRouUaHzxzOyUbLX%2BOzeSq1jJTMdBMsz%2FOZWRWHte5W2fp1VEbgmZAcndXkWwbaxcGP5asKxYO3dmMUY%2BGCV"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7c5af1974d3e9255-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 16 May 2023 07:20:35 GMT
mediaelement-and-player.min.js
securityaffairs.com/wp-content/themes/rigel_old/js/mediaelement/
69 KB
20 KB
Script
General
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/js/mediaelement/mediaelement-and-player.min.js?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0c6d2d27de284102b03e30cd74be808801ec53ca49f30b4d15620ee84ea39f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:59:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 16 Dec 2015 13:55:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
548458
etag
W/"56716d42-11571"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cs9Wsz7JO42hxiuOI7ceK%2FuzMzoKxWBdon%2BsLNSVTYMXEM2ku0%2FpThfGEFFK7ytsEQLLW3C46iPH1mXJDLK7bKR6id1B7uttQVzAMbO7jVZNIhmwUm13SmhYeM3KH8ZIoYRWBskF2SssCn2DOgmdL4dt"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7c5af1976d4f9255-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 12 May 2023 05:38:41 GMT
jquery.swipebox.min.js
securityaffairs.com/wp-content/themes/rigel_old/js/
11 KB
4 KB
Script
General
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/js/jquery.swipebox.min.js?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2199990352edbb7ec586e01d26e2f6a7010a2fce1517711019b614dcec353ba3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:59:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 16 Dec 2015 06:58:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
276285
etag
W/"56710b89-2a67"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g5P2Kva76aAM735F18fFqwo8%2F%2FsUj00YUv0gizrGpQq8eFNs66vWpCbdD5Xc7TMGzXuLZ88ly40cySJ2mk51bOfbzGV4y%2Blpp6SQVZbzw5WJNODlsLDiudh0tbvjXVfkl8hazViH7r%2FsoEOtgEYjN2TX"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7c5af1979d6a9255-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 15 May 2023 09:14:54 GMT
jquery.circliful.min.js
securityaffairs.com/wp-content/themes/rigel_old/js/
3 KB
1 KB
Script
General
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/js/jquery.circliful.min.js?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1832a6ee34745b08b1fcae42c24468086358b43071d7679a738951aa7dc243ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:59:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 16 Dec 2015 06:58:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
197184
etag
W/"56710b89-c18"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pJxqqGhr%2FMO0nN9Vah1V7uOStUqgvNkqaFkyOXUTVSmTTooV0bqWODyAYmly3U2wm2MnYfPTqyDHXvqb0Dedc7ejn48F2OnjR5XTJBrBdMQP%2Bl3RDJfqaDQpYqrZIuIPF3b6t6qmZNkKdcJJcCjB37qe"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7c5af197ad819255-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 16 May 2023 07:13:15 GMT
jquery.smarticker.min.js
securityaffairs.com/wp-content/themes/rigel_old/js/
13 KB
4 KB
Script
General
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/js/jquery.smarticker.min.js?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5525d57ced576560de8777ea78e4bc0c9d55396c0b668a7563b354de9c165aee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:59:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 16 Dec 2015 06:58:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
194329
etag
W/"56710b89-3225"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kkKCVQef1KAKRtoePWkogHxVPMrwBOTP7HWSsddVimdwMqg%2FYTuzvNSls3XYSZoL%2B4MO2l43rfBK5pHvqxerB5kHCJGvlybNIf00tTAm2n9HXdBq%2B86PlnDxpBbnykZT%2FWYZ9GCyyUH1bL8OJEiphrmN"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7c5af197cdab9255-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 16 May 2023 08:00:50 GMT
custom.js
securityaffairs.com/wp-content/themes/rigel_old/js/
10 KB
3 KB
Script
General
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/js/custom.js?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6f712bb063293806236d362715f5f3f134ddeb3da95e66f7f7d5f1311975296

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:59:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
197184
cf-polished
origSize=12756
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 16 Dec 2015 06:58:16 GMT
server
cloudflare
etag
W/"56710b88-31d4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MYmN1m5fHGvkiDZ0X%2FsoKXNy7DjHjB%2FD64IUKj0EkHnt5IJhAC2XqsWcU1QReNMOhMdxkk2bfj1nz6vc96rdhjFQkg3jQAWHCMeq%2Bm1%2BXV7bYvOUYUaTqZVCSvA%2FWBDA90AtzCeH9iEb0hX2XaKvniTP"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7c5af197edc69255-FRA
expires
Tue, 16 May 2023 07:13:15 GMT
e-202319.js
stats.wp.com/
9 KB
3 KB
Script
General
Full URL
https://stats.wp.com/e-202319.js
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nc
HIT hhn
date
Thu, 11 May 2023 13:59:39 GMT
content-encoding
br
server
nginx
etag
W/"62f6b688-3508"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Sun, 05 May 2024 19:10:07 GMT
sharing.js
securityaffairs.com/wp-content/plugins/jetpack/modules/sharedaddy/
12 KB
4 KB
Script
General
Full URL
https://securityaffairs.com/wp-content/plugins/jetpack/modules/sharedaddy/sharing.js?ver=12.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c11433c4dc7cf18972c22ca0f2cf78493b92aaf89bab4dab47c6c9b6c551d50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:59:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
311378
cf-polished
origSize=18206
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 07 May 2023 22:37:52 GMT
server
cloudflare
etag
W/"64582840-471e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TSIZArgIt8m27Jo3fhPFjPbk0b3074%2FfAIi8%2BXccCuidoldJpmOA%2BXFCGhVcjaPP89QMa%2FXBSn00h0mVSQd351FaS89QxAMG8j7PokoCxP9vgxIgPDepnbWuDGtZtB2ILw2wK0UPEAbR%2FsdJS%2F4kZS7k"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7c5af197edc89255-FRA
expires
Sun, 14 May 2023 23:30:01 GMT
twemoji.js
securityaffairs.com/wp-includes/js/
17 KB
5 KB
Script
General
Full URL
https://securityaffairs.com/wp-includes/js/twemoji.js?ver=540fd913fdda078d6087769568ea9bcb
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a8c0bd86eee0230682ed29c5e30936b6b14ab02e1586692840ef8ea4de9dda6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:59:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
548457
cf-polished
origSize=33089
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 29 Mar 2023 22:54:43 GMT
server
cloudflare
etag
W/"6424c1b3-8141"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MVZi%2FAJTrDQQzQ6pewtON0QJRVChnF2rYuUbianFCYxFfjjdwcV%2Fn7CRDHYg53M3zWM7WiRmWdwU8wTN0LB%2Bsl9nWxReVVNkKO9XDrFPDCDmoTtiTlbsJ8yPn1jhzbXw%2FB6pZadIvHIVVmg3%2FRmfSOk1"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7c5af197edcc9255-FRA
expires
Fri, 12 May 2023 05:38:42 GMT
wp-emoji.js
securityaffairs.com/wp-includes/js/
4 KB
2 KB
Script
General
Full URL
https://securityaffairs.com/wp-includes/js/wp-emoji.js?ver=540fd913fdda078d6087769568ea9bcb
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1528c535d339849cea1f4b18416229bd962819949c62574dcd184cdfa6d056b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:59:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
49166
cf-polished
origSize=8969
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 29 Mar 2023 22:54:43 GMT
server
cloudflare
etag
W/"6424c1b3-2309"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QAQrHJ%2BPDZU3ayHZhekPAvUAhwh3bs6zuBXQ8%2BDcKzc3FXZolZL%2BTNnq08DydrbDTXq8Z%2BR5W4RcClMSNhXWG8qR%2Bypq8BEG7A4f6r3gOUAoTlZ37X1WdIM5AmhQkS5wSLQt3mEAm%2BDfPxKYEFoEqtJT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7c5af197edcd9255-FRA
expires
Thu, 18 May 2023 00:20:13 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305080101/
356 KB
120 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4918072057181794&plah=securityaffairs.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4918072057181794
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0b615436e568e22c620a4da8f4f67aef0f2634f7087e9e179d9c1f6958890fd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:59:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122742
x-xss-protection
0
server
cafe
etag
305201490125073809
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 11 May 2023 13:59:39 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230509/r20190131/ Frame 1BC0
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230509/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4918072057181794
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
23732
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4540
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 May 2023 07:24:07 GMT
etag
15057649708203361565
expires
Thu, 25 May 2023 07:24:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
63aa5463b92caa0012f81022.js
buttons-config.sharethis.com/js/
438 B
887 B
Script
General
Full URL
https://buttons-config.sharethis.com/js/63aa5463b92caa0012f81022.js
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js?ver=8.4.6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:3800:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
db4312bece8d50799c3e99a316a58218a527df0f25b93c3e075e04712e20cacf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:59:39 GMT
via
1.1 8e487d5d50ba943ec340041b0945bbf4.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
DUS51-P1
age
58
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
438
last-modified
Wed, 28 Dec 2022 04:37:49 GMT
server
AmazonS3
etag
"d0446970cab2a3b08a2f4f8bdf2fbef7"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=60
accept-ranges
bytes
x-amz-cf-id
T2dHlEoSbBbpEWmIrEotogXyRx-IVQj7euXGW-KAbzGKHvT7Jj9mTw==
gtm.js
www.googletagmanager.com/
107 KB
42 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PLPJ653
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a9f8fb53562ae09e299c4f10a21f062c0324bbf454c6776c1f7b2891f395a25f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:59:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42332
x-xss-protection
0
last-modified
Thu, 11 May 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 11 May 2023 13:59:39 GMT
pview
l.sharethis.com/
0
406 B
XHR
General
Full URL
https://l.sharethis.com/pview?event=pview&hostname=securityaffairs.com&location=%2F146061%2Fsecurity%2Fzero-click-flaw-windows.html&product=gdpr-compliance-tool-v2&url=https%3A%2F%2Fsecurityaffairs.com%2F146061%2Fsecurity%2Fzero-click-flaw-windows.html&source=simple-share-buttons-adder-wordpress&fcmp=false&fcmpv2=false&has_segmentio=false&title=A%20zero-click%20flaw%20in%20Windows%20allows%20stealing%20NTLM%20credentialsSecurity%20Affairs&cms=unknown&publisher=63aa5463b92caa0012f81022&sop=true&version=st_sop.js&lang=en&description=Researchers%20shared%20technical%20details%20about%20a%20flaw%20in%20Windows%C2%A0MSHTML%20platform%2C%20tracked%20as%C2%A0CVE-2023-29324%2C%C2%A0that%20could%20be%20abused%20to%20bypass%20security%20protections.%20Cybersecurity%20researchers%20have%20shared%20details%20about%20a%20now-patched%20security%20flaw%2C%20tracked%20as%C2%A0CVE-2023-29324%C2%A0(CVSS%20score%3A%206.5)%2C%20in%20Windows%C2%A0MSHTML%20platform.%20An%20attacker%20can%20exploit%20the%20vulnerability%20by%20crafting%20a%20malicious%20URL%20that%20would%20evade%20zone%20checks.%20%E2%80%9CAn%20attacker%20can%20%5B%E2%80%A6%5D&ua=&ua_mobile=false&ua_full_version_list=
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js?ver=8.4.6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.99.188 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-99-188.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 13:59:39 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
https://securityaffairs.com
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C400italic%2C700italic&ver=540fd913fdda078d6087769568ea9bcb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://securityaffairs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 00:06:44 GMT
x-content-type-options
nosniff
age
481975
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 May 2024 00:06:44 GMT
TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
fonts.gstatic.com/s/oswald/v49/
17 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3A400%2C700%2C400italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Ccyrillic&ver=540fd913fdda078d6087769568ea9bcb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://securityaffairs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 20:19:02 GMT
x-content-type-options
nosniff
age
409237
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17908
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:23:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 May 2024 20:19:02 GMT
fontawesome-webfont.woff
securityaffairs.com/wp-content/themes/rigel_old/fonts/
43 KB
44 KB
Font
General
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/fonts/fontawesome-webfont.woff?v=4.0.3
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/wp-content/themes/rigel_old/css/font-awesome.min.css?ver=1.4.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849

Request headers

Referer
https://securityaffairs.com/wp-content/themes/rigel_old/css/font-awesome.min.css?ver=1.4.1
Origin
https://securityaffairs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:59:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 16 Dec 2015 06:58:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
11705948
etag
W/"56710b81-ad90"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P9o5V%2BYyvrW8ZZ4JGXiTdo68tBpSdiagQCn184NXgpZBn2i1nhqcalWHTZatTK8WkUo1WrMufdnFWbPH8XfExswtK689GG5GDEe4PgE%2F72xJgFwl%2FBQmso%2F0kYu4JLzGX87Aml11FOHbzTJFF109OEmU"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
public, max-age=315360000
cf-ray
7c5af1980dee9255-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
fonts.gstatic.com/s/playfairdisplay/v30/
35 KB
35 KB
Font
General
Full URL
https://fonts.gstatic.com/s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display%3A400%2C700%2C400italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Ccyrillic&ver=540fd913fdda078d6087769568ea9bcb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://securityaffairs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 06:16:45 GMT
x-content-type-options
nosniff
age
459774
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35764
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:06:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 May 2024 06:16:45 GMT
S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v24/
24 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u8w4BMUTPHjxsAXC-q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C400italic%2C700italic&ver=540fd913fdda078d6087769568ea9bcb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://securityaffairs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 11:58:03 GMT
x-content-type-options
nosniff
age
439296
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24408
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:14:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 May 2024 11:58:03 GMT
S6u_w4BMUTPHjxsI5wq_Gwft.woff2
fonts.gstatic.com/s/lato/v24/
24 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u_w4BMUTPHjxsI5wq_Gwft.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C400italic%2C700italic&ver=540fd913fdda078d6087769568ea9bcb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://securityaffairs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 00:29:29 GMT
x-content-type-options
nosniff
age
480610
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24448
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 May 2024 00:29:29 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C400italic%2C700italic&ver=540fd913fdda078d6087769568ea9bcb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://securityaffairs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 11:05:17 GMT
x-content-type-options
nosniff
age
442462
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 May 2024 11:05:17 GMT
truncated
/
6 KB
6 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
51df3ca60fafe5df2786ce34c4b6dff5af9bb0a061f1808783f65bb1016e016d

Request headers

Referer
Origin
https://securityaffairs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
application/octet-stream
f00db26378ef7df7c440a8ee60ead62b
secure.gravatar.com/avatar/
1 KB
1 KB
Image
General
Full URL
https://secure.gravatar.com/avatar/f00db26378ef7df7c440a8ee60ead62b?s=60&d=mm&r=g
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
5cbf31f01d7d1ce4853bcd6cc64dbfd103d412ec14d8bcc4ebca3b35dc3f3b74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Thu, 11 May 2023 13:59:39 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="f00db26378ef7df7c440a8ee60ead62b.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/f00db26378ef7df7c440a8ee60ead62b?s=60&d=mm&r=g>; rel="canonical"
content-length
1186
expires
Thu, 11 May 2023 14:04:39 GMT
Digging-The-Deep-Web.png
i0.wp.com/securityaffairs.com/wp-content/uploads/2018/03/
30 KB
30 KB
Image
General
Full URL
https://i0.wp.com/securityaffairs.com/wp-content/uploads/2018/03/Digging-The-Deep-Web.png?resize=236%2C300&ssl=1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
e2a3522e6e082fa56d0eb9bf893a6bddc957911a05ff9a35a1c5e6982abe583e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Thu, 11 May 2023 13:59:39 GMT
x-content-type-options
nosniff
last-modified
Tue, 27 Dec 2022 01:09:36 GMT
server
nginx
etag
"90081d39f1874091"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.com/wp-content/uploads/2018/03/Digging-The-Deep-Web.png>; rel="canonical"
content-length
30524
expires
Thu, 26 Dec 2024 13:09:36 GMT
logo-center-for-cybersecurity.jpg
i0.wp.com/securityaffairs.com/wp-content/uploads/2020/10/
7 KB
7 KB
Image
General
Full URL
https://i0.wp.com/securityaffairs.com/wp-content/uploads/2020/10/logo-center-for-cybersecurity.jpg?resize=290%2C300&ssl=1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
12e29fa8c4f9d7702cdea6663458a4084007fe4521117610c456c54e6644e07c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Thu, 11 May 2023 13:59:39 GMT
x-content-type-options
nosniff
last-modified
Tue, 27 Dec 2022 01:09:36 GMT
server
nginx
etag
"f66b518bba6e1555"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.com/wp-content/uploads/2020/10/logo-center-for-cybersecurity.jpg>; rel="canonical"
content-length
7234
expires
Thu, 26 Dec 2024 13:09:36 GMT
newsletter.png
i0.wp.com/securityaffairs.com/wp-content/uploads/2015/03/
19 KB
19 KB
Image
General
Full URL
https://i0.wp.com/securityaffairs.com/wp-content/uploads/2015/03/newsletter.png?resize=300%2C207&ssl=1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
167bdead3314274ec6816ae851d767dd0ca9d1f9a2858b8ed0f1820657096097
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Thu, 11 May 2023 13:59:39 GMT
x-content-type-options
nosniff
last-modified
Tue, 27 Dec 2022 01:09:36 GMT
server
nginx
etag
"d8c02e2ccf1e41bf"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.com/wp-content/uploads/2015/03/newsletter.png>; rel="canonical"
content-length
18968
expires
Thu, 26 Dec 2024 13:09:36 GMT
EU-Blog-e.jpg
i0.wp.com/securityaffairs.com/wp-content/uploads/2022/06/
13 KB
13 KB
Image
General
Full URL
https://i0.wp.com/securityaffairs.com/wp-content/uploads/2022/06/EU-Blog-e.jpg?resize=300%2C251&ssl=1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
ceb6d0c8321627007c1ca8f7de8f5fafc5a7140cceabe7d8adce562fc4885de7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Thu, 11 May 2023 13:59:39 GMT
x-content-type-options
nosniff
last-modified
Tue, 27 Dec 2022 00:56:49 GMT
server
nginx
etag
"a583ea31753e6f10"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.com/wp-content/uploads/2022/06/EU-Blog-e.jpg>; rel="canonical"
content-length
13098
expires
Thu, 26 Dec 2024 12:56:49 GMT
g.gif
pixel.wp.com/
50 B
93 B
Image
General
Full URL
https://pixel.wp.com/g.gif?v=ext&blog=29506073&post=146061&tz=0&srv=securityaffairs.com&j=1%3A12.1&host=securityaffairs.com&ref=&fcp=595&rand=0.1674288926677734
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 11 May 2023 13:59:39 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
js
www.googletagmanager.com/gtag/
220 KB
78 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-P62M3QN974&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLPJ653
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f433cf705873a9b5248c8833edae2bc34a8698e9acf4a3ee9dcbd96f06ddad8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:59:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79324
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 11 May 2023 13:59:39 GMT
js
www.googletagmanager.com/gtag/
244 KB
83 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NPN4VEKBTY&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLPJ653
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3a7920805c979437e23450158db1c08ed6a95020494bf7c4f0a5c87db6d8c456
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:59:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
84870
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 11 May 2023 13:59:39 GMT
collect
region1.analytics.google.com/g/
0
257 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-NPN4VEKBTY&gtm=45je3580&_p=966607844&_gaz=1&cid=1917688529.1683813580&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1683813579&sct=1&seg=0&dl=https%3A%2F%2Fsecurityaffairs.com%2F146061%2Fsecurity%2Fzero-click-flaw-windows.html&dt=A%20zero-click%20flaw%20in%20Windows%20allows%20stealing%20NTLM%20credentialsSecurity%20Affairs&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NPN4VEKBTY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 May 2023 13:59:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
257 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-NPN4VEKBTY&cid=1917688529.1683813580&gtm=45je3580&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NPN4VEKBTY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 May 2023 13:59:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
409 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-NPN4VEKBTY&cid=1917688529.1683813580&gtm=45je3580&aip=1&z=1182440475
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 May 2023 13:59:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/
405 B
611 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=securityaffairs.com&callback=_gfp_s_&client=ca-pub-4918072057181794
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4918072057181794&plah=securityaffairs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36472440fa866dc5b243c1073203c39dea80a7ab2d97ee58da5847a8c7795781
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:59:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
258
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
532 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=securityaffairs.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4918072057181794&plah=securityaffairs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:59:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
457 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=securityaffairs.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4918072057181794&plah=securityaffairs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:59:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=cookie-law-info-bar&ign=false&pw=1600&ph=1200&x=0&y=1130.4
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 May 2023 13:59:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 8881
266 KB
68 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&adk=1812271804&adf=3025194257&lmt=1683813579&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x675_l%7C308x675_r&format=0x0&url=https%3A%2F%2Fsecurityaffairs.com%2F146061%2Fsecurity%2Fzero-click-flaw-windows.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683813579273&bpp=237&bdt=156&idt=460&shv=r20230509&mjsv=m202305080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7133123642753&frm=20&pv=2&ga_vid=1917688529.1683813580&ga_sid=1683813580&ga_hid=966607844&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44773809%2C44759876%2C31074432%2C44788441&oid=2&pvsid=3831289804630022&tmod=777591229&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=492
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4918072057181794&plah=securityaffairs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
610f268002d4c515cff058e426f770e482dee885391de177da6eedb88f9dcb9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
69523
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 May 2023 13:59:41 GMT
expires
Thu, 11 May 2023 13:59:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.google-analytics.com/g/
0
46 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-P62M3QN974&gtm=45je3580&_p=966607844&cid=1917688529.1683813580&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1683813579&sct=1&seg=0&dl=https%3A%2F%2Fsecurityaffairs.com%2F146061%2Fsecurity%2Fzero-click-flaw-windows.html&dt=A%20zero-click%20flaw%20in%20Windows%20allows%20stealing%20NTLM%20credentialsSecurity%20Affairs&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P62M3QN974&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 May 2023 13:59:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305080101/
151 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305080101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4918072057181794&plah=securityaffairs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fa7e842c3d836663b279c12a0bdd0baca93227732234da6e2db6ba1a28d59aea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:59:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52467
x-xss-protection
0
server
cafe
etag
498059069453102000
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 11 May 2023 13:59:41 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pm&rt=8%2C2&c=ca-pub-4918072057181794&eid=44759927%2C44759837%2C44773809%2C44759876%2C31074432%2C44788441
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 May 2023 13:59:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/
107 B
165 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=securityaffairs.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4918072057181794&plah=securityaffairs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:59:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=securityaffairs.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4918072057181794&plah=securityaffairs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:59:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6481
91 KB
34 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=224457671&pi=t.aa~a.3066112503~i.19~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1683813581&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146061%2Fsecurity%2Fzero-click-flaw-windows.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683813581195&bpp=3&bdt=2078&idt=3&shv=r20230509&mjsv=m202305080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D706a1144bd57dd3a-22de9e48c9dd005a%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_MZmdDArWMUQlUXvl6lXSAtK31x9Xg&gpic=UID%3D00000bf094afeda5%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_Ma4pu5hiKSwlUGTqWNiejK55eIDkA&prev_fmts=0x0&nras=2&correlator=7133123642753&frm=20&pv=1&ga_vid=1917688529.1683813580&ga_sid=1683813580&ga_hid=966607844&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44773809%2C44759876%2C31074432%2C44788441&oid=2&pvsid=3831289804630022&tmod=777591229&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=PT8s6eYWlv&p=https%3A//securityaffairs.com&dtd=12
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4918072057181794&plah=securityaffairs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
15b996ebfee45a49a5cac85ad69d748379099e6a409766e53cf0eb33608677fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
35019
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 May 2023 13:59:41 GMT
expires
Thu, 11 May 2023 13:59:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame AC59
84 KB
34 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=600&adk=2697633112&adf=1762069438&pi=t.aa~a.2641062588~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1683813581&rafmt=1&to=qs&pwprc=8791289769&format=300x600&url=https%3A%2F%2Fsecurityaffairs.com%2F146061%2Fsecurity%2Fzero-click-flaw-windows.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683813581230&bpp=1&bdt=2113&idt=1&shv=r20230509&mjsv=m202305080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D706a1144bd57dd3a-22de9e48c9dd005a%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_MZmdDArWMUQlUXvl6lXSAtK31x9Xg&gpic=UID%3D00000bf094afeda5%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_Ma4pu5hiKSwlUGTqWNiejK55eIDkA&prev_fmts=0x0%2C630x280&nras=3&correlator=7133123642753&frm=20&pv=1&ga_vid=1917688529.1683813580&ga_sid=1683813580&ga_hid=966607844&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=1382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44773809%2C44759876%2C31074432%2C44788441&oid=2&pvsid=3831289804630022&tmod=777591229&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=71JHpnCwBE&p=https%3A//securityaffairs.com&dtd=6
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4918072057181794&plah=securityaffairs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1416a90f03f455a4b93981e7bb106106e7b1e9f8bafbff4b2f62e73f985abc7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
34300
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 May 2023 13:59:41 GMT
expires
Thu, 11 May 2023 13:59:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=2&wpc=ca-pub-4918072057181794&warn=13&w=1600&h=1200&pp=0&ppp=0&eatf=false&eatfAbg=false&reatf=false&a=6%2C1%2C5%2C7&apv=20230507_103457&sat=1683595364425&afm=0&as_count=0&d_count=0&ng_count=0&am_count=2&atf_count=0&mdns=0&alldns=0.231&allp=15&fd=(0%2C3%2C1)%2C(1%2C0%2C0)%2C(2%2C9%2C1)&pgh=3806&abl=false&rr=n&su=securityaffairs.com&pvc=3831289804630022&r=0.1&eid=44759927%2C44759837%2C44773809%2C44759876%2C31074432%2C44788441
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 May 2023 13:59:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pr&rt=8%2C2&c=ca-pub-4918072057181794&eid=44759927%2C44759837%2C44773809%2C44759876%2C31074432%2C44788441
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 May 2023 13:59:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=securityaffairs.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4918072057181794&plah=securityaffairs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:59:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=securityaffairs.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4918072057181794&plah=securityaffairs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:59:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230509/r20110914/ Frame AF7D
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230509/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4918072057181794&plah=securityaffairs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
84887
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4540
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 10 May 2023 14:24:54 GMT
etag
15057649708203361565
expires
Wed, 24 May 2023 14:24:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230509/r20110914/ Frame 7352
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230509/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4918072057181794&plah=securityaffairs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
84887
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4540
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 10 May 2023 14:24:54 GMT
etag
15057649708203361565
expires
Wed, 24 May 2023 14:24:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame AF7D
4 KB
671 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230509/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 11 May 2023 13:59:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 11 May 2023 12:28:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 11 May 2023 13:59:41 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame AF7D
205 B
649 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230509/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 12:20:50 GMT
x-content-type-options
nosniff
age
5931
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 10 May 2024 12:20:50 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame AF7D
604 B
695 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230509/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 08:06:52 GMT
x-content-type-options
nosniff
age
21169
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 10 May 2024 08:06:52 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230509/r20110914/elements/html/ Frame AF7D
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230509/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230509/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fbe329e68d02bf400d47f86bb2728739171c2aec4abcba995d7467f0f62cf8ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 14:07:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
85931
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8020
x-xss-protection
0
server
cafe
etag
10981734531507917325
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 May 2023 14:07:30 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230509/r20110914/ Frame 7352
22 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230509/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230509/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:41:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
1090
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8754
x-xss-protection
0
server
cafe
etag
1905752258753453817
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 May 2023 13:41:31 GMT
2819082803130748066
tpc.googlesyndication.com/daca_images/simgad/ Frame 7352
30 KB
30 KB
Image
General
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/2819082803130748066
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230509/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84ea04c662d6268be3e6fee411f01195c27dc9b8b23c6be258a586f7e0a238a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 21:24:54 GMT
x-content-type-options
nosniff
age
405287
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30420
x-xss-protection
0
last-modified
Mon, 10 Apr 2023 14:43:06 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 05 May 2024 21:24:54 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230509/r20110914/client/ Frame 7352
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230509/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230509/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:43:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
998
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 May 2023 13:43:03 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230509/r20110914/client/ Frame 7352
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230509/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230509/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:41:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
1090
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7937
x-xss-protection
0
server
cafe
etag
2499949999788435271
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 May 2023 13:41:31 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7352
169 KB
53 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230509/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:59:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683718549123860"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 May 2023 13:59:41 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230509/r20110914/client/ Frame 7352
32 KB
13 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230509/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230509/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
477e598ecc74899e1f4e0616bd6799dee77772a9935fdb63e335a7f65a7f102b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 14:59:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
82818
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13044
x-xss-protection
0
server
cafe
etag
498276857413144450
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 May 2023 14:59:23 GMT
css
fonts.googleapis.com/ Frame B194
9 KB
932 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230509/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 11 May 2023 13:59:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 11 May 2023 12:33:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 11 May 2023 13:59:41 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230509/r20110914/client/ Frame B194
2 KB
845 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230509/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230509/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:45:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
880
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 May 2023 13:45:01 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230509/r20110914/ Frame B194
22 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230509/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230509/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:41:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
1090
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8754
x-xss-protection
0
server
cafe
etag
1905752258753453817
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 May 2023 13:41:31 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230509/r20110914/client/ Frame B194
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230509/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230509/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:43:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
998
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 May 2023 13:43:03 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230509/r20110914/client/ Frame B194
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230509/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230509/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:41:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
1090
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7937
x-xss-protection
0
server
cafe
etag
2499949999788435271
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 May 2023 13:41:31 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B194
169 KB
52 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230509/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:59:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683718549123860"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 May 2023 13:59:41 GMT
fe5bb951bcb64b0813d5b031a6a87c6d.js
www.gstatic.com/mysidia/ Frame B194
32 KB
14 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/fe5bb951bcb64b0813d5b031a6a87c6d.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230509/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f15cc4cd8b473731e005ce00c1dcbda3d2bc464bb05f8838eb9c0a5991323fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 16:08:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78676
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13644
x-xss-protection
0
last-modified
Mon, 08 May 2023 06:22:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 08 Aug 2023 16:08:25 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 2B30
143 B
166 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230509/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20230509/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2925
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 May 2023 13:10:56 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 2B30
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230509/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 May 2023 13:59:41 GMT
expires
Thu, 11 May 2023 13:59:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 May 2023 13:59:41 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js
pagead2.googlesyndication.com/bg/ Frame B5A0
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230509/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f9f8b52529681e544fbc3f8adcaa0841fb3e9b96904c64e34937b264243bfd8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 08 May 2023 23:41:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
224286
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14670
x-xss-protection
0
last-modified
Mon, 08 May 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 07 May 2024 23:41:35 GMT
P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js
pagead2.googlesyndication.com/bg/ Frame 5AA6
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f9f8b52529681e544fbc3f8adcaa0841fb3e9b96904c64e34937b264243bfd8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 08 May 2023 23:41:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
224286
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14670
x-xss-protection
0
last-modified
Mon, 08 May 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 07 May 2024 23:41:35 GMT
2741937260372780159
tpc.googlesyndication.com/simgad/ Frame AC59
101 KB
101 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/2741937260372780159?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkvalCVyZF-qRQ2k8dF3K5WJMfQYA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=600&adk=2697633112&adf=1762069438&pi=t.aa~a.2641062588~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1683813581&rafmt=1&to=qs&pwprc=8791289769&format=300x600&url=https%3A%2F%2Fsecurityaffairs.com%2F146061%2Fsecurity%2Fzero-click-flaw-windows.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683813581230&bpp=1&bdt=2113&idt=1&shv=r20230509&mjsv=m202305080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D706a1144bd57dd3a-22de9e48c9dd005a%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_MZmdDArWMUQlUXvl6lXSAtK31x9Xg&gpic=UID%3D00000bf094afeda5%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_Ma4pu5hiKSwlUGTqWNiejK55eIDkA&prev_fmts=0x0%2C630x280&nras=3&correlator=7133123642753&frm=20&pv=1&ga_vid=1917688529.1683813580&ga_sid=1683813580&ga_hid=966607844&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=1382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44773809%2C44759876%2C31074432%2C44788441&oid=2&pvsid=3831289804630022&tmod=777591229&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=71JHpnCwBE&p=https%3A//securityaffairs.com&dtd=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
494335b97e979d902568b469f013b9429dc6324c9140ee9e6388a5186dc854ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 05:24:44 GMT
x-content-type-options
nosniff
age
462897
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
103315
x-xss-protection
0
last-modified
Fri, 14 Apr 2023 07:11:21 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 05 May 2024 05:24:44 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230509/r20110914/ Frame AC59
22 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230509/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=600&adk=2697633112&adf=1762069438&pi=t.aa~a.2641062588~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1683813581&rafmt=1&to=qs&pwprc=8791289769&format=300x600&url=https%3A%2F%2Fsecurityaffairs.com%2F146061%2Fsecurity%2Fzero-click-flaw-windows.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683813581230&bpp=1&bdt=2113&idt=1&shv=r20230509&mjsv=m202305080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D706a1144bd57dd3a-22de9e48c9dd005a%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_MZmdDArWMUQlUXvl6lXSAtK31x9Xg&gpic=UID%3D00000bf094afeda5%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_Ma4pu5hiKSwlUGTqWNiejK55eIDkA&prev_fmts=0x0%2C630x280&nras=3&correlator=7133123642753&frm=20&pv=1&ga_vid=1917688529.1683813580&ga_sid=1683813580&ga_hid=966607844&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=1382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44773809%2C44759876%2C31074432%2C44788441&oid=2&pvsid=3831289804630022&tmod=777591229&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=71JHpnCwBE&p=https%3A//securityaffairs.com&dtd=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:41:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
1090
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8754
x-xss-protection
0
server
cafe
etag
1905752258753453817
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 May 2023 13:41:31 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230509/r20110914/client/ Frame AC59
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230509/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=600&adk=2697633112&adf=1762069438&pi=t.aa~a.2641062588~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1683813581&rafmt=1&to=qs&pwprc=8791289769&format=300x600&url=https%3A%2F%2Fsecurityaffairs.com%2F146061%2Fsecurity%2Fzero-click-flaw-windows.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683813581230&bpp=1&bdt=2113&idt=1&shv=r20230509&mjsv=m202305080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D706a1144bd57dd3a-22de9e48c9dd005a%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_MZmdDArWMUQlUXvl6lXSAtK31x9Xg&gpic=UID%3D00000bf094afeda5%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_Ma4pu5hiKSwlUGTqWNiejK55eIDkA&prev_fmts=0x0%2C630x280&nras=3&correlator=7133123642753&frm=20&pv=1&ga_vid=1917688529.1683813580&ga_sid=1683813580&ga_hid=966607844&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=1382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44773809%2C44759876%2C31074432%2C44788441&oid=2&pvsid=3831289804630022&tmod=777591229&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=71JHpnCwBE&p=https%3A//securityaffairs.com&dtd=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:43:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
998
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 May 2023 13:43:03 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230509/r20110914/client/ Frame AC59
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230509/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=600&adk=2697633112&adf=1762069438&pi=t.aa~a.2641062588~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1683813581&rafmt=1&to=qs&pwprc=8791289769&format=300x600&url=https%3A%2F%2Fsecurityaffairs.com%2F146061%2Fsecurity%2Fzero-click-flaw-windows.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683813581230&bpp=1&bdt=2113&idt=1&shv=r20230509&mjsv=m202305080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D706a1144bd57dd3a-22de9e48c9dd005a%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_MZmdDArWMUQlUXvl6lXSAtK31x9Xg&gpic=UID%3D00000bf094afeda5%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_Ma4pu5hiKSwlUGTqWNiejK55eIDkA&prev_fmts=0x0%2C630x280&nras=3&correlator=7133123642753&frm=20&pv=1&ga_vid=1917688529.1683813580&ga_sid=1683813580&ga_hid=966607844&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=1382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44773809%2C44759876%2C31074432%2C44788441&oid=2&pvsid=3831289804630022&tmod=777591229&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=71JHpnCwBE&p=https%3A//securityaffairs.com&dtd=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:41:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
1090
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7937
x-xss-protection
0
server
cafe
etag
2499949999788435271
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 May 2023 13:41:31 GMT
l
www.google.com/ads/measurement/ Frame AC59
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTHzOoLS7tFket3VpFRvHVcQ-3z-BsLYl7IvHAMwDbPY_El3a1IJpdU8rt24dSS3o11ixLnzymV6kzLDT7joyxJH7ZpSA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=600&adk=2697633112&adf=1762069438&pi=t.aa~a.2641062588~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1683813581&rafmt=1&to=qs&pwprc=8791289769&format=300x600&url=https%3A%2F%2Fsecurityaffairs.com%2F146061%2Fsecurity%2Fzero-click-flaw-windows.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683813581230&bpp=1&bdt=2113&idt=1&shv=r20230509&mjsv=m202305080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D706a1144bd57dd3a-22de9e48c9dd005a%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_MZmdDArWMUQlUXvl6lXSAtK31x9Xg&gpic=UID%3D00000bf094afeda5%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_Ma4pu5hiKSwlUGTqWNiejK55eIDkA&prev_fmts=0x0%2C630x280&nras=3&correlator=7133123642753&frm=20&pv=1&ga_vid=1917688529.1683813580&ga_sid=1683813580&ga_hid=966607844&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=1382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44773809%2C44759876%2C31074432%2C44788441&oid=2&pvsid=3831289804630022&tmod=777591229&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=71JHpnCwBE&p=https%3A//securityaffairs.com&dtd=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AC59
169 KB
52 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=600&adk=2697633112&adf=1762069438&pi=t.aa~a.2641062588~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1683813581&rafmt=1&to=qs&pwprc=8791289769&format=300x600&url=https%3A%2F%2Fsecurityaffairs.com%2F146061%2Fsecurity%2Fzero-click-flaw-windows.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683813581230&bpp=1&bdt=2113&idt=1&shv=r20230509&mjsv=m202305080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D706a1144bd57dd3a-22de9e48c9dd005a%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_MZmdDArWMUQlUXvl6lXSAtK31x9Xg&gpic=UID%3D00000bf094afeda5%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_Ma4pu5hiKSwlUGTqWNiejK55eIDkA&prev_fmts=0x0%2C630x280&nras=3&correlator=7133123642753&frm=20&pv=1&ga_vid=1917688529.1683813580&ga_sid=1683813580&ga_hid=966607844&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=1382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44773809%2C44759876%2C31074432%2C44788441&oid=2&pvsid=3831289804630022&tmod=777591229&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=71JHpnCwBE&p=https%3A//securityaffairs.com&dtd=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:59:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683718549123860"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 May 2023 13:59:41 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230509/r20110914/client/ Frame AC59
32 KB
13 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230509/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=600&adk=2697633112&adf=1762069438&pi=t.aa~a.2641062588~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1683813581&rafmt=1&to=qs&pwprc=8791289769&format=300x600&url=https%3A%2F%2Fsecurityaffairs.com%2F146061%2Fsecurity%2Fzero-click-flaw-windows.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683813581230&bpp=1&bdt=2113&idt=1&shv=r20230509&mjsv=m202305080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D706a1144bd57dd3a-22de9e48c9dd005a%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_MZmdDArWMUQlUXvl6lXSAtK31x9Xg&gpic=UID%3D00000bf094afeda5%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_Ma4pu5hiKSwlUGTqWNiejK55eIDkA&prev_fmts=0x0%2C630x280&nras=3&correlator=7133123642753&frm=20&pv=1&ga_vid=1917688529.1683813580&ga_sid=1683813580&ga_hid=966607844&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=1382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44773809%2C44759876%2C31074432%2C44788441&oid=2&pvsid=3831289804630022&tmod=777591229&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=71JHpnCwBE&p=https%3A//securityaffairs.com&dtd=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
477e598ecc74899e1f4e0616bd6799dee77772a9935fdb63e335a7f65a7f102b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 14:59:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
82818
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13044
x-xss-protection
0
server
cafe
etag
498276857413144450
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 May 2023 14:59:23 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame AC59
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CFpzCzfRcZIzlEOTH1fAP2oacuAjQjYnCcOen6-S0EdainaCMDhABILuj4JgBYJUCoAGcr_uoAsgBAqgDAcgDyQSqBIECT9D-opVK2vDiBghzd3Ak6Pwtm130FzZY3QtrfgtIrThWRNGoJ7yvYRA_dIH6icQKLpe9vq7fkg4zUO0ycDfI_8-_VazUrkJ0dn6Aaybx8MFV618qP984oJgS1IEkyt5Day1wajRU6yx5Mv0sAcymdm1CRmEpGbNkbVzP2SCNvtlCn7tN-oFhOHwI19k7sqqK70vsbdbz_h12FtkWvyAWe_wlv5njv8yOBnfNlDLX8blL-gvX4yFNXNanXX3ufIQ8q8rUt8cxzkCwgOF5yr7GBExmx5UAeA71B6df-nYE1rpTvNrnTl3faMvnQCJtWXCnahWWqefT_BJXicBHaxrwnijABM2E5rKkBJIFBAgEGAGSBQQIBRgEoAYCgAfM0ITXAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEIHRFdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItNDkxODA3MjA1NzE4MTc5NBgA&sigh=rreu7fWYW6o&uach_m=[UACH]&cid=CAQSOwBygQiDDo_v-yEF-2SOZkh-sgdqbY13IhFgmFHdxbAdA6ldsX4yfZOvnp-Kvjm8bWzoBvd6s30uMEPwGAE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=600&adk=2697633112&adf=1762069438&pi=t.aa~a.2641062588~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1683813581&rafmt=1&to=qs&pwprc=8791289769&format=300x600&url=https%3A%2F%2Fsecurityaffairs.com%2F146061%2Fsecurity%2Fzero-click-flaw-windows.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683813581230&bpp=1&bdt=2113&idt=1&shv=r20230509&mjsv=m202305080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D706a1144bd57dd3a-22de9e48c9dd005a%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_MZmdDArWMUQlUXvl6lXSAtK31x9Xg&gpic=UID%3D00000bf094afeda5%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_Ma4pu5hiKSwlUGTqWNiejK55eIDkA&prev_fmts=0x0%2C630x280&nras=3&correlator=7133123642753&frm=20&pv=1&ga_vid=1917688529.1683813580&ga_sid=1683813580&ga_hid=966607844&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=1382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44773809%2C44759876%2C31074432%2C44788441&oid=2&pvsid=3831289804630022&tmod=777591229&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=71JHpnCwBE&p=https%3A//securityaffairs.com&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=600&adk=2697633112&adf=1762069438&pi=t.aa~a.2641062588~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1683813581&rafmt=1&to=qs&pwprc=8791289769&format=300x600&url=https%3A%2F%2Fsecurityaffairs.com%2F146061%2Fsecurity%2Fzero-click-flaw-windows.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683813581230&bpp=1&bdt=2113&idt=1&shv=r20230509&mjsv=m202305080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D706a1144bd57dd3a-22de9e48c9dd005a%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_MZmdDArWMUQlUXvl6lXSAtK31x9Xg&gpic=UID%3D00000bf094afeda5%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_Ma4pu5hiKSwlUGTqWNiejK55eIDkA&prev_fmts=0x0%2C630x280&nras=3&correlator=7133123642753&frm=20&pv=1&ga_vid=1917688529.1683813580&ga_sid=1683813580&ga_hid=966607844&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=1382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44773809%2C44759876%2C31074432%2C44788441&oid=2&pvsid=3831289804630022&tmod=777591229&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=71JHpnCwBE&p=https%3A//securityaffairs.com&dtd=6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 11 May 2023 13:59:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 00C3
143 B
166 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=600&adk=2697633112&adf=1762069438&pi=t.aa~a.2641062588~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1683813581&rafmt=1&to=qs&pwprc=8791289769&format=300x600&url=https%3A%2F%2Fsecurityaffairs.com%2F146061%2Fsecurity%2Fzero-click-flaw-windows.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683813581230&bpp=1&bdt=2113&idt=1&shv=r20230509&mjsv=m202305080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D706a1144bd57dd3a-22de9e48c9dd005a%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_MZmdDArWMUQlUXvl6lXSAtK31x9Xg&gpic=UID%3D00000bf094afeda5%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_Ma4pu5hiKSwlUGTqWNiejK55eIDkA&prev_fmts=0x0%2C630x280&nras=3&correlator=7133123642753&frm=20&pv=1&ga_vid=1917688529.1683813580&ga_sid=1683813580&ga_hid=966607844&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=1382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44773809%2C44759876%2C31074432%2C44788441&oid=2&pvsid=3831289804630022&tmod=777591229&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=71JHpnCwBE&p=https%3A//securityaffairs.com&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=600&adk=2697633112&adf=1762069438&pi=t.aa~a.2641062588~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1683813581&rafmt=1&to=qs&pwprc=8791289769&format=300x600&url=https%3A%2F%2Fsecurityaffairs.com%2F146061%2Fsecurity%2Fzero-click-flaw-windows.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683813581230&bpp=1&bdt=2113&idt=1&shv=r20230509&mjsv=m202305080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D706a1144bd57dd3a-22de9e48c9dd005a%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_MZmdDArWMUQlUXvl6lXSAtK31x9Xg&gpic=UID%3D00000bf094afeda5%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_Ma4pu5hiKSwlUGTqWNiejK55eIDkA&prev_fmts=0x0%2C630x280&nras=3&correlator=7133123642753&frm=20&pv=1&ga_vid=1917688529.1683813580&ga_sid=1683813580&ga_hid=966607844&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=1382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44773809%2C44759876%2C31074432%2C44788441&oid=2&pvsid=3831289804630022&tmod=777591229&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=71JHpnCwBE&p=https%3A//securityaffairs.com&dtd=6
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2925
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 May 2023 13:10:56 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 847B
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=600&adk=2697633112&adf=1762069438&pi=t.aa~a.2641062588~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1683813581&rafmt=1&to=qs&pwprc=8791289769&format=300x600&url=https%3A%2F%2Fsecurityaffairs.com%2F146061%2Fsecurity%2Fzero-click-flaw-windows.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683813581230&bpp=1&bdt=2113&idt=1&shv=r20230509&mjsv=m202305080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D706a1144bd57dd3a-22de9e48c9dd005a%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_MZmdDArWMUQlUXvl6lXSAtK31x9Xg&gpic=UID%3D00000bf094afeda5%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_Ma4pu5hiKSwlUGTqWNiejK55eIDkA&prev_fmts=0x0%2C630x280&nras=3&correlator=7133123642753&frm=20&pv=1&ga_vid=1917688529.1683813580&ga_sid=1683813580&ga_hid=966607844&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=1382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44773809%2C44759876%2C31074432%2C44788441&oid=2&pvsid=3831289804630022&tmod=777591229&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=71JHpnCwBE&p=https%3A//securityaffairs.com&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
24055
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 May 2023 07:18:46 GMT
etag
48472445140208031
expires
Fri, 12 May 2023 07:18:46 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame 6481
6 KB
706 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=224457671&pi=t.aa~a.3066112503~i.19~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1683813581&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146061%2Fsecurity%2Fzero-click-flaw-windows.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683813581195&bpp=3&bdt=2078&idt=3&shv=r20230509&mjsv=m202305080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D706a1144bd57dd3a-22de9e48c9dd005a%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_MZmdDArWMUQlUXvl6lXSAtK31x9Xg&gpic=UID%3D00000bf094afeda5%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_Ma4pu5hiKSwlUGTqWNiejK55eIDkA&prev_fmts=0x0&nras=2&correlator=7133123642753&frm=20&pv=1&ga_vid=1917688529.1683813580&ga_sid=1683813580&ga_hid=966607844&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44773809%2C44759876%2C31074432%2C44788441&oid=2&pvsid=3831289804630022&tmod=777591229&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=PT8s6eYWlv&p=https%3A//securityaffairs.com&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 11 May 2023 13:59:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 11 May 2023 12:31:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 11 May 2023 13:59:41 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230509/r20110914/client/ Frame 6481
2 KB
799 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230509/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=224457671&pi=t.aa~a.3066112503~i.19~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1683813581&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146061%2Fsecurity%2Fzero-click-flaw-windows.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683813581195&bpp=3&bdt=2078&idt=3&shv=r20230509&mjsv=m202305080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D706a1144bd57dd3a-22de9e48c9dd005a%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_MZmdDArWMUQlUXvl6lXSAtK31x9Xg&gpic=UID%3D00000bf094afeda5%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_Ma4pu5hiKSwlUGTqWNiejK55eIDkA&prev_fmts=0x0&nras=2&correlator=7133123642753&frm=20&pv=1&ga_vid=1917688529.1683813580&ga_sid=1683813580&ga_hid=966607844&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44773809%2C44759876%2C31074432%2C44788441&oid=2&pvsid=3831289804630022&tmod=777591229&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=PT8s6eYWlv&p=https%3A//securityaffairs.com&dtd=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:45:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
880
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 May 2023 13:45:01 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230509/r20110914/ Frame 6481
22 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230509/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=224457671&pi=t.aa~a.3066112503~i.19~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1683813581&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146061%2Fsecurity%2Fzero-click-flaw-windows.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683813581195&bpp=3&bdt=2078&idt=3&shv=r20230509&mjsv=m202305080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D706a1144bd57dd3a-22de9e48c9dd005a%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_MZmdDArWMUQlUXvl6lXSAtK31x9Xg&gpic=UID%3D00000bf094afeda5%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_Ma4pu5hiKSwlUGTqWNiejK55eIDkA&prev_fmts=0x0&nras=2&correlator=7133123642753&frm=20&pv=1&ga_vid=1917688529.1683813580&ga_sid=1683813580&ga_hid=966607844&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44773809%2C44759876%2C31074432%2C44788441&oid=2&pvsid=3831289804630022&tmod=777591229&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=PT8s6eYWlv&p=https%3A//securityaffairs.com&dtd=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:41:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
1090
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8754
x-xss-protection
0
server
cafe
etag
1905752258753453817
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 May 2023 13:41:31 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230509/r20110914/client/ Frame 6481
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230509/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=224457671&pi=t.aa~a.3066112503~i.19~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1683813581&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146061%2Fsecurity%2Fzero-click-flaw-windows.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683813581195&bpp=3&bdt=2078&idt=3&shv=r20230509&mjsv=m202305080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D706a1144bd57dd3a-22de9e48c9dd005a%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_MZmdDArWMUQlUXvl6lXSAtK31x9Xg&gpic=UID%3D00000bf094afeda5%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_Ma4pu5hiKSwlUGTqWNiejK55eIDkA&prev_fmts=0x0&nras=2&correlator=7133123642753&frm=20&pv=1&ga_vid=1917688529.1683813580&ga_sid=1683813580&ga_hid=966607844&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44773809%2C44759876%2C31074432%2C44788441&oid=2&pvsid=3831289804630022&tmod=777591229&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=PT8s6eYWlv&p=https%3A//securityaffairs.com&dtd=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:43:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
998
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 May 2023 13:43:03 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230509/r20110914/client/ Frame 6481
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230509/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=224457671&pi=t.aa~a.3066112503~i.19~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1683813581&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146061%2Fsecurity%2Fzero-click-flaw-windows.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683813581195&bpp=3&bdt=2078&idt=3&shv=r20230509&mjsv=m202305080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D706a1144bd57dd3a-22de9e48c9dd005a%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_MZmdDArWMUQlUXvl6lXSAtK31x9Xg&gpic=UID%3D00000bf094afeda5%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_Ma4pu5hiKSwlUGTqWNiejK55eIDkA&prev_fmts=0x0&nras=2&correlator=7133123642753&frm=20&pv=1&ga_vid=1917688529.1683813580&ga_sid=1683813580&ga_hid=966607844&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44773809%2C44759876%2C31074432%2C44788441&oid=2&pvsid=3831289804630022&tmod=777591229&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=PT8s6eYWlv&p=https%3A//securityaffairs.com&dtd=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:41:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
1090
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7937
x-xss-protection
0
server
cafe
etag
2499949999788435271
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 May 2023 13:41:31 GMT
l
www.google.com/ads/measurement/ Frame 6481
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQoh8YtOZ6agqTUaBDeoDVT8Tn_1qH4YsSAZRJAdBh45lsOZxhly0dQnh1wJL2ZdKUluyloZArV8TZV38nKZktBVGxs7A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=224457671&pi=t.aa~a.3066112503~i.19~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1683813581&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146061%2Fsecurity%2Fzero-click-flaw-windows.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683813581195&bpp=3&bdt=2078&idt=3&shv=r20230509&mjsv=m202305080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D706a1144bd57dd3a-22de9e48c9dd005a%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_MZmdDArWMUQlUXvl6lXSAtK31x9Xg&gpic=UID%3D00000bf094afeda5%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_Ma4pu5hiKSwlUGTqWNiejK55eIDkA&prev_fmts=0x0&nras=2&correlator=7133123642753&frm=20&pv=1&ga_vid=1917688529.1683813580&ga_sid=1683813580&ga_hid=966607844&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44773809%2C44759876%2C31074432%2C44788441&oid=2&pvsid=3831289804630022&tmod=777591229&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=PT8s6eYWlv&p=https%3A//securityaffairs.com&dtd=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6481
169 KB
52 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=224457671&pi=t.aa~a.3066112503~i.19~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1683813581&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146061%2Fsecurity%2Fzero-click-flaw-windows.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683813581195&bpp=3&bdt=2078&idt=3&shv=r20230509&mjsv=m202305080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D706a1144bd57dd3a-22de9e48c9dd005a%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_MZmdDArWMUQlUXvl6lXSAtK31x9Xg&gpic=UID%3D00000bf094afeda5%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_Ma4pu5hiKSwlUGTqWNiejK55eIDkA&prev_fmts=0x0&nras=2&correlator=7133123642753&frm=20&pv=1&ga_vid=1917688529.1683813580&ga_sid=1683813580&ga_hid=966607844&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44773809%2C44759876%2C31074432%2C44788441&oid=2&pvsid=3831289804630022&tmod=777591229&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=PT8s6eYWlv&p=https%3A//securityaffairs.com&dtd=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:59:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683718549123860"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 May 2023 13:59:42 GMT
fe5bb951bcb64b0813d5b031a6a87c6d.js
www.gstatic.com/mysidia/ Frame 6481
32 KB
13 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/fe5bb951bcb64b0813d5b031a6a87c6d.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=224457671&pi=t.aa~a.3066112503~i.19~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1683813581&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146061%2Fsecurity%2Fzero-click-flaw-windows.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683813581195&bpp=3&bdt=2078&idt=3&shv=r20230509&mjsv=m202305080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D706a1144bd57dd3a-22de9e48c9dd005a%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_MZmdDArWMUQlUXvl6lXSAtK31x9Xg&gpic=UID%3D00000bf094afeda5%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_Ma4pu5hiKSwlUGTqWNiejK55eIDkA&prev_fmts=0x0&nras=2&correlator=7133123642753&frm=20&pv=1&ga_vid=1917688529.1683813580&ga_sid=1683813580&ga_hid=966607844&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44773809%2C44759876%2C31074432%2C44788441&oid=2&pvsid=3831289804630022&tmod=777591229&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=PT8s6eYWlv&p=https%3A//securityaffairs.com&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f15cc4cd8b473731e005ce00c1dcbda3d2bc464bb05f8838eb9c0a5991323fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 16:08:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78676
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13644
x-xss-protection
0
last-modified
Mon, 08 May 2023 06:22:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 08 Aug 2023 16:08:25 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 6481
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cgc2DzfRcZPOlD7e61fAPjvKqkAy-zKeecNOQwsSvEZSR3d3BOhABILuj4JgBYNUFoAHO-5LiKMgBCakCuEm_tTNnsj6oAwHIA8sEqgSHAk_Q4Q6hU9cRyDC0Wnf6QahE8ej9hGH2zifdpQsAsVNFV4lmupN9pMI1jsyjBifZHp1I50Sm0-wLkwVU8TI1A9zXbDUGyvEAIcOfpx2xj5YrD8XP8dKDTUMpVoDDRxB5LGkerGfUBYHfgQKJkk6TamGoJQYbdk2ch4prQCT2RReKBjtBtchn1s0f-Zx9yqqMJNCwyP82XLB7xFwMjTX8XAE0RfPzSPkreckYMp_kn6Gj2PuVFss9Pkh1zRIxG_Tw0YjQHSXMv4OFSLiP0tT3zImBEJx32NPeHwRmIXbBanPRP53GMMTtufwdxbXdWtJhL3Wtj5k6E4gljcLOB7iRzsUx21HcTWnFwATmo-2angSSBQQIBBgBkgUECAUYBKAGLoAHzrPjwQOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCwgB_SCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsBuBPkA9gTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi00OTE4MDcyMDU3MTgxNzk0GAA&sigh=HwsG6Fs0BKU&uach_m=[UACH]&cid=CAQSOwBygQiDQ4GHiykgNNzoimDPYFqH4ZE66ACGgTKavoYsxBtCr4xmeZplXW5nnoE40f6mXGmF1O-g1aqUGAE&template_id=484
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=224457671&pi=t.aa~a.3066112503~i.19~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1683813581&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146061%2Fsecurity%2Fzero-click-flaw-windows.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683813581195&bpp=3&bdt=2078&idt=3&shv=r20230509&mjsv=m202305080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D706a1144bd57dd3a-22de9e48c9dd005a%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_MZmdDArWMUQlUXvl6lXSAtK31x9Xg&gpic=UID%3D00000bf094afeda5%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_Ma4pu5hiKSwlUGTqWNiejK55eIDkA&prev_fmts=0x0&nras=2&correlator=7133123642753&frm=20&pv=1&ga_vid=1917688529.1683813580&ga_sid=1683813580&ga_hid=966607844&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44773809%2C44759876%2C31074432%2C44788441&oid=2&pvsid=3831289804630022&tmod=777591229&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=PT8s6eYWlv&p=https%3A//securityaffairs.com&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=224457671&pi=t.aa~a.3066112503~i.19~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1683813581&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146061%2Fsecurity%2Fzero-click-flaw-windows.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683813581195&bpp=3&bdt=2078&idt=3&shv=r20230509&mjsv=m202305080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D706a1144bd57dd3a-22de9e48c9dd005a%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_MZmdDArWMUQlUXvl6lXSAtK31x9Xg&gpic=UID%3D00000bf094afeda5%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_Ma4pu5hiKSwlUGTqWNiejK55eIDkA&prev_fmts=0x0&nras=2&correlator=7133123642753&frm=20&pv=1&ga_vid=1917688529.1683813580&ga_sid=1683813580&ga_hid=966607844&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44773809%2C44759876%2C31074432%2C44788441&oid=2&pvsid=3831289804630022&tmod=777591229&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=PT8s6eYWlv&p=https%3A//securityaffairs.com&dtd=12
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 11 May 2023 13:59:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
14763004658117789537
tpc.googlesyndication.com/simgad/3845457592557212705/ Frame 6481
78 KB
78 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/3845457592557212705/14763004658117789537?w=1200&h=628
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=224457671&pi=t.aa~a.3066112503~i.19~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1683813581&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146061%2Fsecurity%2Fzero-click-flaw-windows.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683813581195&bpp=3&bdt=2078&idt=3&shv=r20230509&mjsv=m202305080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D706a1144bd57dd3a-22de9e48c9dd005a%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_MZmdDArWMUQlUXvl6lXSAtK31x9Xg&gpic=UID%3D00000bf094afeda5%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_Ma4pu5hiKSwlUGTqWNiejK55eIDkA&prev_fmts=0x0&nras=2&correlator=7133123642753&frm=20&pv=1&ga_vid=1917688529.1683813580&ga_sid=1683813580&ga_hid=966607844&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44773809%2C44759876%2C31074432%2C44788441&oid=2&pvsid=3831289804630022&tmod=777591229&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=PT8s6eYWlv&p=https%3A//securityaffairs.com&dtd=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9f748be7135ff574ba77c4b51b9dc8336e453ceed4141bb0fdde767a47c3701
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 10:26:45 GMT
x-content-type-options
nosniff
age
12776
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80006
x-xss-protection
0
last-modified
Thu, 20 Apr 2023 13:32:16 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 10 May 2024 10:26:45 GMT
truncated
/ Frame 6481
206 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame AC59
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e058b9094d6d245d87eba1dfd108e46a61686e05da30eac2f0a44e2c0470775d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 847B
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEEo-oWf12IIZyxynPCwwvwo&google_cver=1&google_push=ATf1kGMY9LBOaxUnEqtpcyaNeUlb2yRsungm_xHWGrq9YYzAvBTg0X8Q6unRQwa4ogDW4wx1iH_SCfyFcvE_w2cQvjTvvzf5p5BOxA
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzc5Njg0NzE2NDgyMzc2MDMxNQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESED5pvTanEsrTb95omH65i44&google_cver=1
43 B
398 B
Image
General
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESED5pvTanEsrTb95omH65i44&google_cver=1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/146061/security/zero-click-flaw-windows.html
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 11 May 2023 13:59:42 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Thu, 11 May 2023 13:59:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESED5pvTanEsrTb95omH65i44&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dpixel
cms.quantserve.com/ Frame 847B
35 B
463 B
Image
General
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELHeW5YYLE7CfwBMHbMATsE&google_cver=1&google_push=ATf1kGPIT8hIBJi5LVvD3qWtwgH7ukzg34Osvlf8DeawIWJ46xWK3cxU_UVAjrKam6fJn5lQDVrQlp7cRWvXoJsprDlaFKV8Pm55Qg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=600&adk=2697633112&adf=1762069438&pi=t.aa~a.2641062588~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1683813581&rafmt=1&to=qs&pwprc=8791289769&format=300x600&url=https%3A%2F%2Fsecurityaffairs.com%2F146061%2Fsecurity%2Fzero-click-flaw-windows.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683813581230&bpp=1&bdt=2113&idt=1&shv=r20230509&mjsv=m202305080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D706a1144bd57dd3a-22de9e48c9dd005a%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_MZmdDArWMUQlUXvl6lXSAtK31x9Xg&gpic=UID%3D00000bf094afeda5%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_Ma4pu5hiKSwlUGTqWNiejK55eIDkA&prev_fmts=0x0%2C630x280&nras=3&correlator=7133123642753&frm=20&pv=1&ga_vid=1917688529.1683813580&ga_sid=1683813580&ga_hid=966607844&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=1382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44773809%2C44759876%2C31074432%2C44788441&oid=2&pvsid=3831289804630022&tmod=777591229&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=71JHpnCwBE&p=https%3A//securityaffairs.com&dtd=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 May 2023 13:59:41 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 847B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELZPj3ahQDF1aZ5m7mDZ07I&google_cver=1&google_push=ATf1kGNjTRf8sVbVWxzf64Pl0sKA5j8qFwGhc8YjdinJz3dCHUJd0GPEQKPc5H8itQ6kqsogE_GTPEm8ManrEUKl...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGNjTRf8sVbVWxzf64Pl0sKA5j8qFwGhc8YjdinJz3dCHUJd0GPEQKPc5H8itQ6kqsogE_GTPEm8ManrEUKl3kVAYCxy5CllDw
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGNjTRf8sVbVWxzf64Pl0sKA5j8qFwGhc8YjdinJz3dCHUJd0GPEQKPc5H8itQ6kqsogE_GTPEm8ManrEUKl3kVAYCxy5CllDw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=600&adk=2697633112&adf=1762069438&pi=t.aa~a.2641062588~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1683813581&rafmt=1&to=qs&pwprc=8791289769&format=300x600&url=https%3A%2F%2Fsecurityaffairs.com%2F146061%2Fsecurity%2Fzero-click-flaw-windows.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683813581230&bpp=1&bdt=2113&idt=1&shv=r20230509&mjsv=m202305080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D706a1144bd57dd3a-22de9e48c9dd005a%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_MZmdDArWMUQlUXvl6lXSAtK31x9Xg&gpic=UID%3D00000bf094afeda5%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_Ma4pu5hiKSwlUGTqWNiejK55eIDkA&prev_fmts=0x0%2C630x280&nras=3&correlator=7133123642753&frm=20&pv=1&ga_vid=1917688529.1683813580&ga_sid=1683813580&ga_hid=966607844&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=1382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44773809%2C44759876%2C31074432%2C44788441&oid=2&pvsid=3831289804630022&tmod=777591229&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=71JHpnCwBE&p=https%3A//securityaffairs.com&dtd=6
Protocol
H2
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 May 2023 13:59:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 11 May 2023 13:59:41 GMT
Server
MT3 851 9bd98ae master cdg-pixel-x27 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGNjTRf8sVbVWxzf64Pl0sKA5j8qFwGhc8YjdinJz3dCHUJd0GPEQKPc5H8itQ6kqsogE_GTPEm8ManrEUKl3kVAYCxy5CllDw
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 11 May 2023 13:59:40 GMT
pixel
cm.g.doubleclick.net/ Frame 847B
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEN9WaLm07ocCorrjd-sAxwM&google_cver=1&google_push=ATf1kGPUfV6giua5eldMeR8zdnN0fgoPcPLCeyeemWnQ75xgTiA9Ct2p6jciXAI6cC-vCVRgx6fkfWz3GFh...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGPUfV6giua5eldMeR8zdnN0fgoPcPLCeyeemWnQ75xgTiA9Ct2p6jciXAI6cC-vCVRgx6fkfWz3GFhNrmzFiJ9PNSoC1To7fg&google_hm=M2CWb3LgQt6wvRW08C...
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGPUfV6giua5eldMeR8zdnN0fgoPcPLCeyeemWnQ75xgTiA9Ct2p6jciXAI6cC-vCVRgx6fkfWz3GFhNrmzFiJ9PNSoC1To7fg&google_hm=M2CWb3LgQt6wvRW08C1O_4g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=600&adk=2697633112&adf=1762069438&pi=t.aa~a.2641062588~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1683813581&rafmt=1&to=qs&pwprc=8791289769&format=300x600&url=https%3A%2F%2Fsecurityaffairs.com%2F146061%2Fsecurity%2Fzero-click-flaw-windows.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683813581230&bpp=1&bdt=2113&idt=1&shv=r20230509&mjsv=m202305080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D706a1144bd57dd3a-22de9e48c9dd005a%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_MZmdDArWMUQlUXvl6lXSAtK31x9Xg&gpic=UID%3D00000bf094afeda5%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_Ma4pu5hiKSwlUGTqWNiejK55eIDkA&prev_fmts=0x0%2C630x280&nras=3&correlator=7133123642753&frm=20&pv=1&ga_vid=1917688529.1683813580&ga_sid=1683813580&ga_hid=966607844&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=1382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44773809%2C44759876%2C31074432%2C44788441&oid=2&pvsid=3831289804630022&tmod=777591229&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=71JHpnCwBE&p=https%3A//securityaffairs.com&dtd=6
Protocol
H2
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 May 2023 13:59:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 11 May 2023 13:59:41 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGPUfV6giua5eldMeR8zdnN0fgoPcPLCeyeemWnQ75xgTiA9Ct2p6jciXAI6cC-vCVRgx6fkfWz3GFhNrmzFiJ9PNSoC1To7fg&google_hm=M2CWb3LgQt6wvRW08C1O_4g
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 847B
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEKA-kUtDkn78I0PSQ0ZHVIo&google_cver=1&google_push=ATf1kGO1m3M2I_rbjdVunAIoLRM9Nu38yMFdYc3U_TcrtQU8PA66BlQulmoHIKuyxIIOc87O9yXhQcmP6pjgs6DZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=uq83n3MPT8u1e7n2KL_Vlw2&google_push=ATf1kGO1m3M2I_rbjdVunAIoLRM9Nu38yMFdYc3U_TcrtQU8PA66BlQulmoHIKuyxIIOc87O9yXhQcmP6pjgs6DZOiyIriwxpKWJHRU
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=uq83n3MPT8u1e7n2KL_Vlw2&google_push=ATf1kGO1m3M2I_rbjdVunAIoLRM9Nu38yMFdYc3U_TcrtQU8PA66BlQulmoHIKuyxIIOc87O9yXhQcmP6pjgs6DZOiyIriwxpKWJHRU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=600&adk=2697633112&adf=1762069438&pi=t.aa~a.2641062588~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1683813581&rafmt=1&to=qs&pwprc=8791289769&format=300x600&url=https%3A%2F%2Fsecurityaffairs.com%2F146061%2Fsecurity%2Fzero-click-flaw-windows.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683813581230&bpp=1&bdt=2113&idt=1&shv=r20230509&mjsv=m202305080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D706a1144bd57dd3a-22de9e48c9dd005a%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_MZmdDArWMUQlUXvl6lXSAtK31x9Xg&gpic=UID%3D00000bf094afeda5%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_Ma4pu5hiKSwlUGTqWNiejK55eIDkA&prev_fmts=0x0%2C630x280&nras=3&correlator=7133123642753&frm=20&pv=1&ga_vid=1917688529.1683813580&ga_sid=1683813580&ga_hid=966607844&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=1382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44773809%2C44759876%2C31074432%2C44788441&oid=2&pvsid=3831289804630022&tmod=777591229&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=71JHpnCwBE&p=https%3A//securityaffairs.com&dtd=6
Protocol
H2
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 May 2023 13:59:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 11 May 2023 13:59:41 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=uq83n3MPT8u1e7n2KL_Vlw2&google_push=ATf1kGO1m3M2I_rbjdVunAIoLRM9Nu38yMFdYc3U_TcrtQU8PA66BlQulmoHIKuyxIIOc87O9yXhQcmP6pjgs6DZOiyIriwxpKWJHRU
x-host
tde-deliveryengine-production-797dcffc79-c67h7
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync.aspx
dis.criteo.com/dis/ Frame 847B
43 B
362 B
Image
General
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEM0dKGtIB5Ucp1MwYAHCIrA&google_cver=1&google_push=ATf1kGNCB3L6FQ9QDFneB1-zyv530p7UpzSiIfhMFL4aJ_kZiDn6X8pl84GW8HfrnNlV6yHMeMRtTJAQvDZvaBdYDBkPgkl_YeYNXwY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=600&adk=2697633112&adf=1762069438&pi=t.aa~a.2641062588~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1683813581&rafmt=1&to=qs&pwprc=8791289769&format=300x600&url=https%3A%2F%2Fsecurityaffairs.com%2F146061%2Fsecurity%2Fzero-click-flaw-windows.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683813581230&bpp=1&bdt=2113&idt=1&shv=r20230509&mjsv=m202305080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D706a1144bd57dd3a-22de9e48c9dd005a%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_MZmdDArWMUQlUXvl6lXSAtK31x9Xg&gpic=UID%3D00000bf094afeda5%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_Ma4pu5hiKSwlUGTqWNiejK55eIDkA&prev_fmts=0x0%2C630x280&nras=3&correlator=7133123642753&frm=20&pv=1&ga_vid=1917688529.1683813580&ga_sid=1683813580&ga_hid=966607844&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=1382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44773809%2C44759876%2C31074432%2C44788441&oid=2&pvsid=3831289804630022&tmod=777591229&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=71JHpnCwBE&p=https%3A//securityaffairs.com&dtd=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 May 2023 13:59:41 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
265988
expires
Thu, 11 May 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 847B
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEIjZgk-3-nAMdAbSleGKG7E&google_cver=1&google_push=ATf1kGObCXw4zn9mnpHaPGJuHYrViP1Mbd9159nwQ6wTwKPN5iBe0ST9jr2PIWe16v8c1J6k4SFJq3qEArdM...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGObCXw4zn9mnpHaPGJuHYrViP1Mbd9159nwQ6wTwKPN5iBe0ST9jr2PIWe16v8c1J6k4SFJq3qEArdMKI21AhnLkNF-jfABOoQ
170 B
329 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGObCXw4zn9mnpHaPGJuHYrViP1Mbd9159nwQ6wTwKPN5iBe0ST9jr2PIWe16v8c1J6k4SFJq3qEArdMKI21AhnLkNF-jfABOoQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=600&adk=2697633112&adf=1762069438&pi=t.aa~a.2641062588~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1683813581&rafmt=1&to=qs&pwprc=8791289769&format=300x600&url=https%3A%2F%2Fsecurityaffairs.com%2F146061%2Fsecurity%2Fzero-click-flaw-windows.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683813581230&bpp=1&bdt=2113&idt=1&shv=r20230509&mjsv=m202305080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D706a1144bd57dd3a-22de9e48c9dd005a%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_MZmdDArWMUQlUXvl6lXSAtK31x9Xg&gpic=UID%3D00000bf094afeda5%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_Ma4pu5hiKSwlUGTqWNiejK55eIDkA&prev_fmts=0x0%2C630x280&nras=3&correlator=7133123642753&frm=20&pv=1&ga_vid=1917688529.1683813580&ga_sid=1683813580&ga_hid=966607844&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=1382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44773809%2C44759876%2C31074432%2C44788441&oid=2&pvsid=3831289804630022&tmod=777591229&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=71JHpnCwBE&p=https%3A//securityaffairs.com&dtd=6
Protocol
H2
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 May 2023 13:59:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGObCXw4zn9mnpHaPGJuHYrViP1Mbd9159nwQ6wTwKPN5iBe0ST9jr2PIWe16v8c1J6k4SFJq3qEArdMKI21AhnLkNF-jfABOoQ
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
attr
cm.g.doubleclick.net/pixel/ Frame 847B
0
130 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JgFjEFmyY9MbRRQHJp-O8hSZ_8TGPOe5Y78avLhyH3DkBVu8S36h69ahHfhsZrnMAbnHe_
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=600&adk=2697633112&adf=1762069438&pi=t.aa~a.2641062588~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1683813581&rafmt=1&to=qs&pwprc=8791289769&format=300x600&url=https%3A%2F%2Fsecurityaffairs.com%2F146061%2Fsecurity%2Fzero-click-flaw-windows.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683813581230&bpp=1&bdt=2113&idt=1&shv=r20230509&mjsv=m202305080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D706a1144bd57dd3a-22de9e48c9dd005a%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_MZmdDArWMUQlUXvl6lXSAtK31x9Xg&gpic=UID%3D00000bf094afeda5%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_Ma4pu5hiKSwlUGTqWNiejK55eIDkA&prev_fmts=0x0%2C630x280&nras=3&correlator=7133123642753&frm=20&pv=1&ga_vid=1917688529.1683813580&ga_sid=1683813580&ga_hid=966607844&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=1382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44773809%2C44759876%2C31074432%2C44788441&oid=2&pvsid=3831289804630022&tmod=777591229&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=71JHpnCwBE&p=https%3A//securityaffairs.com&dtd=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:59:41 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame CBD6
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=224457671&pi=t.aa~a.3066112503~i.19~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1683813581&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146061%2Fsecurity%2Fzero-click-flaw-windows.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683813581195&bpp=3&bdt=2078&idt=3&shv=r20230509&mjsv=m202305080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D706a1144bd57dd3a-22de9e48c9dd005a%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_MZmdDArWMUQlUXvl6lXSAtK31x9Xg&gpic=UID%3D00000bf094afeda5%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_Ma4pu5hiKSwlUGTqWNiejK55eIDkA&prev_fmts=0x0&nras=2&correlator=7133123642753&frm=20&pv=1&ga_vid=1917688529.1683813580&ga_sid=1683813580&ga_hid=966607844&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44773809%2C44759876%2C31074432%2C44788441&oid=2&pvsid=3831289804630022&tmod=777591229&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=PT8s6eYWlv&p=https%3A//securityaffairs.com&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
24055
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 May 2023 07:18:46 GMT
etag
48472445140208031
expires
Fri, 12 May 2023 07:18:46 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 00C3
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=600&adk=2697633112&adf=1762069438&pi=t.aa~a.2641062588~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1683813581&rafmt=1&to=qs&pwprc=8791289769&format=300x600&url=https%3A%2F%2Fsecurityaffairs.com%2F146061%2Fsecurity%2Fzero-click-flaw-windows.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683813581230&bpp=1&bdt=2113&idt=1&shv=r20230509&mjsv=m202305080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D706a1144bd57dd3a-22de9e48c9dd005a%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_MZmdDArWMUQlUXvl6lXSAtK31x9Xg&gpic=UID%3D00000bf094afeda5%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_Ma4pu5hiKSwlUGTqWNiejK55eIDkA&prev_fmts=0x0%2C630x280&nras=3&correlator=7133123642753&frm=20&pv=1&ga_vid=1917688529.1683813580&ga_sid=1683813580&ga_hid=966607844&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=1382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44773809%2C44759876%2C31074432%2C44788441&oid=2&pvsid=3831289804630022&tmod=777591229&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=71JHpnCwBE&p=https%3A//securityaffairs.com&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 May 2023 13:59:41 GMT
expires
Thu, 11 May 2023 13:59:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 May 2023 13:59:41 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 6481
207 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
388ff8378ed381977a3107f841161bcc931254cd73f987823551f9ad92781c53

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame CBD6
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEFvLSjeAnKqPhmTjCEN2Iys&google_cver=1&google_push=ATf1kGPtfvk8iNAFVNSMaZzR1ve07HNGhGEiCWD5fmoIv2RKkCDVT8tfP7LDwmS0q9JBz4EsgYTklyt6pd0oXn50...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGPtfvk8iNAFVNSMaZzR1ve07HNGhGEiCWD5fmoIv2RKkCDVT8tfP7LDwmS0q9JBz4EsgYTklyt6pd0oXn50lMBDGAp__jOnIQ
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGPtfvk8iNAFVNSMaZzR1ve07HNGhGEiCWD5fmoIv2RKkCDVT8tfP7LDwmS0q9JBz4EsgYTklyt6pd0oXn50lMBDGAp__jOnIQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=224457671&pi=t.aa~a.3066112503~i.19~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1683813581&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146061%2Fsecurity%2Fzero-click-flaw-windows.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683813581195&bpp=3&bdt=2078&idt=3&shv=r20230509&mjsv=m202305080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D706a1144bd57dd3a-22de9e48c9dd005a%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_MZmdDArWMUQlUXvl6lXSAtK31x9Xg&gpic=UID%3D00000bf094afeda5%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_Ma4pu5hiKSwlUGTqWNiejK55eIDkA&prev_fmts=0x0&nras=2&correlator=7133123642753&frm=20&pv=1&ga_vid=1917688529.1683813580&ga_sid=1683813580&ga_hid=966607844&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44773809%2C44759876%2C31074432%2C44788441&oid=2&pvsid=3831289804630022&tmod=777591229&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=PT8s6eYWlv&p=https%3A//securityaffairs.com&dtd=12
Protocol
H2
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 May 2023 13:59:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 11 May 2023 13:59:42 GMT
Server
MT3 851 9bd98ae master cdg-pixel-x33 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGPtfvk8iNAFVNSMaZzR1ve07HNGhGEiCWD5fmoIv2RKkCDVT8tfP7LDwmS0q9JBz4EsgYTklyt6pd0oXn50lMBDGAp__jOnIQ
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 11 May 2023 13:59:41 GMT
5w3jqr4k
sync-tm.everesttech.net/upi/pid/ Frame CBD6
0
0

google
match.adsrvr.org/track/cmf/ Frame CBD6
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEBs_IePF5OkFKI9wUm8aYZU&google_cver=1&google_push=ATf1kGMgSxPdofsQWB1yiP-esbzE7Ui8dNIF_uRagt_D1OdeXfYAtly49yoWJEREFh1PF8YVRbBeDFk_R6JW4ClkP6SQLrR-3VM_pQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=224457671&pi=t.aa~a.3066112503~i.19~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1683813581&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146061%2Fsecurity%2Fzero-click-flaw-windows.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683813581195&bpp=3&bdt=2078&idt=3&shv=r20230509&mjsv=m202305080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D706a1144bd57dd3a-22de9e48c9dd005a%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_MZmdDArWMUQlUXvl6lXSAtK31x9Xg&gpic=UID%3D00000bf094afeda5%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_Ma4pu5hiKSwlUGTqWNiejK55eIDkA&prev_fmts=0x0&nras=2&correlator=7133123642753&frm=20&pv=1&ga_vid=1917688529.1683813580&ga_sid=1683813580&ga_hid=966607844&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44773809%2C44759876%2C31074432%2C44788441&oid=2&pvsid=3831289804630022&tmod=777591229&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=PT8s6eYWlv&p=https%3A//securityaffairs.com&dtd=12
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 11 May 2023 13:59:42 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame CBD6
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEGs_8epMM7_yr3L55ISG2ow&google_cver=1&google_push=ATf1kGMeyMe-PE5RiNsMSdmB951PoJXX7810mmuL6kEmepH-SCe5ux1iIRBrUeH_TFJ7IAecOaw_Pjgz8BnkNyfRfQhe...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEGs_8epMM7_yr3L55ISG2ow&google_cver=1&google_push=ATf1kGMeyMe-PE5RiNsMSdmB951PoJXX7810mmuL6kEmepH-SCe5ux1iIRBrUeH_TFJ7IAecOaw_Pjgz8BnkNy...
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=google&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5107433827822345355&expires=30&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGMeyMe-PE5RiNsMSdmB951PoJXX7810mmuL6kEmepH-SCe5ux1iIRBrUeH_TFJ7IAecOaw_Pjgz8BnkNyfRfQhemARWXBZDLA&google_hm=8Wf9mcSbRW6pW4JzrwoXoA==
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGMeyMe-PE5RiNsMSdmB951PoJXX7810mmuL6kEmepH-SCe5ux1iIRBrUeH_TFJ7IAecOaw_Pjgz8BnkNyfRfQhemARWXBZDLA&google_hm=8Wf9mcSbRW6pW4JzrwoXoA==
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 May 2023 13:59:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGMeyMe-PE5RiNsMSdmB951PoJXX7810mmuL6kEmepH-SCe5ux1iIRBrUeH_TFJ7IAecOaw_Pjgz8BnkNyfRfQhemARWXBZDLA&google_hm=8Wf9mcSbRW6pW4JzrwoXoA==
date
Thu, 11 May 2023 13:59:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usersync.aspx
dis.criteo.com/dis/ Frame CBD6
43 B
363 B
Image
General
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEKIZtRCvAvnawzp0GnSHnxs&google_cver=1&google_push=ATf1kGPGoJPlAYonTxjwULMXtWO7TusHfQOeDE1s3I5zoIfQlWm0odcRiuoFbaufVsF2JXH9hBuitlSMOSDgYeTW1h5jfF5FnwFUwQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=224457671&pi=t.aa~a.3066112503~i.19~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1683813581&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146061%2Fsecurity%2Fzero-click-flaw-windows.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683813581195&bpp=3&bdt=2078&idt=3&shv=r20230509&mjsv=m202305080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D706a1144bd57dd3a-22de9e48c9dd005a%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_MZmdDArWMUQlUXvl6lXSAtK31x9Xg&gpic=UID%3D00000bf094afeda5%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_Ma4pu5hiKSwlUGTqWNiejK55eIDkA&prev_fmts=0x0&nras=2&correlator=7133123642753&frm=20&pv=1&ga_vid=1917688529.1683813580&ga_sid=1683813580&ga_hid=966607844&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44773809%2C44759876%2C31074432%2C44788441&oid=2&pvsid=3831289804630022&tmod=777591229&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=PT8s6eYWlv&p=https%3A//securityaffairs.com&dtd=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 May 2023 13:59:41 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
282690
expires
Thu, 11 May 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CBD6
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEMXhxBgF7aEYDv_DvkTERsg&google_cver=1&google_push=ATf1kGPoIcchLhNhwmSmGUGG_8dcfI75Mok8niRDDu6UcVjhlxwYKEODg6FSepolsZYZ_inLJLgr1lqEt-LE...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGPoIcchLhNhwmSmGUGG_8dcfI75Mok8niRDDu6UcVjhlxwYKEODg6FSepolsZYZ_inLJLgr1lqEt-LE69ETyYe9xHNPwofi
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGPoIcchLhNhwmSmGUGG_8dcfI75Mok8niRDDu6UcVjhlxwYKEODg6FSepolsZYZ_inLJLgr1lqEt-LE69ETyYe9xHNPwofi
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=224457671&pi=t.aa~a.3066112503~i.19~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1683813581&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146061%2Fsecurity%2Fzero-click-flaw-windows.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683813581195&bpp=3&bdt=2078&idt=3&shv=r20230509&mjsv=m202305080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D706a1144bd57dd3a-22de9e48c9dd005a%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_MZmdDArWMUQlUXvl6lXSAtK31x9Xg&gpic=UID%3D00000bf094afeda5%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_Ma4pu5hiKSwlUGTqWNiejK55eIDkA&prev_fmts=0x0&nras=2&correlator=7133123642753&frm=20&pv=1&ga_vid=1917688529.1683813580&ga_sid=1683813580&ga_hid=966607844&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44773809%2C44759876%2C31074432%2C44788441&oid=2&pvsid=3831289804630022&tmod=777591229&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=PT8s6eYWlv&p=https%3A//securityaffairs.com&dtd=12
Protocol
H2
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 May 2023 13:59:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGPoIcchLhNhwmSmGUGG_8dcfI75Mok8niRDDu6UcVjhlxwYKEODg6FSepolsZYZ_inLJLgr1lqEt-LE69ETyYe9xHNPwofi
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
report
sync.teads.tv/um/ Frame CBD6
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEBLPONgkPh96XoJzYErXOQ8&...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGPsVT7LqPfkBfCold2n0q0uIdie2g8fGKBdI0mm2P1VSJPmSM_4nL3As5GQFoXG6KTik7aIFnbPY1eFA3OsOJvBCXxjZfUvm8M
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
172 B
Image
General
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol
H2
Server
104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-42.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

expires
Thu, 11 May 2023 13:59:42 GMT
pragma
no-cache
date
Thu, 11 May 2023 13:59:42 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 11 May 2023 13:59:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame CBD6
0
40 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J6oNOb8eDRPhyE5EjWa57hR7d5FKKiWPL1C8GdXlAOrwypYTsWquH0tU2Dh5Zsv73WiVTv2w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=224457671&pi=t.aa~a.3066112503~i.19~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1683813581&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146061%2Fsecurity%2Fzero-click-flaw-windows.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683813581195&bpp=3&bdt=2078&idt=3&shv=r20230509&mjsv=m202305080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D706a1144bd57dd3a-22de9e48c9dd005a%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_MZmdDArWMUQlUXvl6lXSAtK31x9Xg&gpic=UID%3D00000bf094afeda5%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_Ma4pu5hiKSwlUGTqWNiejK55eIDkA&prev_fmts=0x0&nras=2&correlator=7133123642753&frm=20&pv=1&ga_vid=1917688529.1683813580&ga_sid=1683813580&ga_hid=966607844&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44773809%2C44759876%2C31074432%2C44788441&oid=2&pvsid=3831289804630022&tmod=777591229&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=PT8s6eYWlv&p=https%3A//securityaffairs.com&dtd=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:59:41 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js
pagead2.googlesyndication.com/bg/ Frame 805E
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=600&adk=2697633112&adf=1762069438&pi=t.aa~a.2641062588~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1683813581&rafmt=1&to=qs&pwprc=8791289769&format=300x600&url=https%3A%2F%2Fsecurityaffairs.com%2F146061%2Fsecurity%2Fzero-click-flaw-windows.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683813581230&bpp=1&bdt=2113&idt=1&shv=r20230509&mjsv=m202305080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D706a1144bd57dd3a-22de9e48c9dd005a%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_MZmdDArWMUQlUXvl6lXSAtK31x9Xg&gpic=UID%3D00000bf094afeda5%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_Ma4pu5hiKSwlUGTqWNiejK55eIDkA&prev_fmts=0x0%2C630x280&nras=3&correlator=7133123642753&frm=20&pv=1&ga_vid=1917688529.1683813580&ga_sid=1683813580&ga_hid=966607844&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=1382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44773809%2C44759876%2C31074432%2C44788441&oid=2&pvsid=3831289804630022&tmod=777591229&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=71JHpnCwBE&p=https%3A//securityaffairs.com&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f9f8b52529681e544fbc3f8adcaa0841fb3e9b96904c64e34937b264243bfd8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 08 May 2023 23:41:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
224287
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14670
x-xss-protection
0
last-modified
Mon, 08 May 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 07 May 2024 23:41:35 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6481
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 06:22:44 GMT
x-content-type-options
nosniff
age
459418
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 May 2024 06:22:44 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6481
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 05 May 2023 23:14:12 GMT
x-content-type-options
nosniff
age
485130
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 04 May 2024 23:14:12 GMT
sodar
pagead2.googlesyndication.com/getconfig/
15 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230509&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4918072057181794&plah=securityaffairs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c755f2e4b480bdcbaa48102ba8a6564aa09c334cdeac89d996a6a81452658194
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:59:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11218
x-xss-protection
0
P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js
pagead2.googlesyndication.com/bg/ Frame 6983
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=224457671&pi=t.aa~a.3066112503~i.19~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1683813581&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F146061%2Fsecurity%2Fzero-click-flaw-windows.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683813581195&bpp=3&bdt=2078&idt=3&shv=r20230509&mjsv=m202305080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D706a1144bd57dd3a-22de9e48c9dd005a%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_MZmdDArWMUQlUXvl6lXSAtK31x9Xg&gpic=UID%3D00000bf094afeda5%3AT%3D1683813579%3ART%3D1683813579%3AS%3DALNI_Ma4pu5hiKSwlUGTqWNiejK55eIDkA&prev_fmts=0x0&nras=2&correlator=7133123642753&frm=20&pv=1&ga_vid=1917688529.1683813580&ga_sid=1683813580&ga_hid=966607844&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44773809%2C44759876%2C31074432%2C44788441&oid=2&pvsid=3831289804630022&tmod=777591229&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=PT8s6eYWlv&p=https%3A//securityaffairs.com&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f9f8b52529681e544fbc3f8adcaa0841fb3e9b96904c64e34937b264243bfd8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 08 May 2023 23:41:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
224287
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14670
x-xss-protection
0
last-modified
Mon, 08 May 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 07 May 2024 23:41:35 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4918072057181794&plah=securityaffairs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:59:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 11 May 2023 13:59:42 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E378
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
290
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 May 2023 13:54:52 GMT
expires
Fri, 10 May 2024 13:54:52 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F8F6
783 B
535 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
712245bc5809f8696a266cf2aac1ab0558f2af633f59cdb6898f7d2606cc2860
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-rkNWbgFzBGQUFuGbqAqsRA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-rkNWbgFzBGQUFuGbqAqsRA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 11 May 2023 13:59:42 GMT
expires
Thu, 11 May 2023 13:59:42 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js
pagead2.googlesyndication.com/bg/ Frame E378
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f9f8b52529681e544fbc3f8adcaa0841fb3e9b96904c64e34937b264243bfd8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 08 May 2023 23:41:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
224287
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14670
x-xss-protection
0
last-modified
Mon, 08 May 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 07 May 2024 23:41:35 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame F8F6
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230509&jk=3831289804630022&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame E378
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?11VAtA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:59:42 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230509&jk=3831289804630022&bg=!9fal9qLNAAYldGN0BXQ7ADkAdvg8WlYyyaru-m1IyS-w5ODkoXhJw4Oka5cH4VguLs-dBeuZ8aopjtXRjIAQ18vEMZWkKICnhEsCAAAAUlIAAAACaAEHmQKgoA6OW5bi9x71YMgv0WHs6dJDVJfbJzdvD6mGv4k2PFy_sLmrKOY5fgFr3IWbmIwIYsh9JREqi9ppNt691aUL_ZP7eLvbv3rk_8uoGGWDEeHrMuBTBq58k6_Qr8LbpNeVvbOPhVtWNj5b3BBjXQc0cmnrHbDO45-j6qujEEGGZSAWBwEhb1oS2OETT9B_pfggQMtMHK_ULX0BSU2ImsYbcKhA2jv9lUAwwWZwTmID1UxPEaWZmmki9XY07MUsLbjm-qsJPv14UlQOdnWEMX0PXDXWHi9RZbZ6p4BwMhc6ZiZdP2n3oMYlH16HM8KyOBLBmrYe7zUIe227PXDVPIhck9JJ2wPwqf3Uy4W8RWv1uKZAtv-JIF6iHMkdfUWVrV1URs5it1X4AuhNGGAbUbFPjuJHWINGcpA_mU-jw8CXjbnVtHRoZsKyYwo8ARhkubBcrCzvWFmMOFbR1FE8VXy6_Orbxe6JmkA6IITbIwMUX0q01uuZzLkQ5RFZdj-KNzp6S34m0Qf38_WcI_thagycYW3Dx74aSiplwtrSpl9wBIEnWS6oJTVRe4m6kWxkaQ71IsGYXJjuFADncsuY_uCCFhP4lqtMust277DYI8AsQJEGWHwfNFogFdme66f40-SQ-Lil5-DxCQFvCJCFFArJPPa1-LWEYCIQaY_hVVJv8x7CAWcLimE0J_JVwMm4fua_ouKcnUSLdpaU8UM1Bu6izyxzazCo4gmzddtObqwlbBaWtCVRkHdFAajOxDE2DgqHh6_d-3ODNpgQA7d0aBlfwHr1LF1uDp4syz-5NM4kmeb8HuvLKHp8JuLwtyaJSYp61W6ZQlQCM8dAaDxKkk9VhqrwGWSFg3Znqtdl5LXK2vhdcjC0ufEAkS1fx7rujqq2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEO_ui6a4Ec7BYdlFq0C_LC8&google_cver=1&google_push=ATf1kGOzO91WXOEaFZ69dLXBCSLZmeN6HmC0i8obbY6zA6ZHhjvh_65Brr-QPhyTKaNHQyF7ljgB6O2KCu--8083JBGzXrVjE5aD

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 boolean| credentialless object| _wpemojiSettings object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state number| google_rum_task_id_counter string| google_user_agent_client_hint undefined| $ function| jQuery object| Cli_Data object| cli_cookiebar_settings object| log_object object| CLI_Cookie object| CLI object| cliBlocker string| CLI_ACCEPT_COOKIE_NAME string| CLI_PREFERNCE_COOKIE number| CLI_ACCEPT_COOKIE_EXPIRE boolean| CLI_COOKIEBAR_AS_POPUP object| st object| __stdos__ boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus function| __sharethis__docReady object| __sharethis__ object| ua_fields object| dataLayer function| google_spfd number| google_unique_id object| google_sv_map function| gtag object| WPCOM_sharing_counts object| Main object| BrowserDetect object| mejs function| onYouTubePlayerAPIReady function| onYouTubePlayerReady function| MediaElement function| MediaElementPlayer function| $j function| imagePreview object| _stq object| sharing_js_options object| WPCOMSharing undefined| windowOpen object| wp object| twemoji object| google_tag_manager function| st_go function| linktracker_init object| wpcom string| currentText string| categoryCookie object| categoryCookieValue object| cli_chkbox_elm string| cli_chkbox_data_id string| cli_chkbox_data_id_trimmed function| onYouTubeIframeAPIReady object| gaGlobal function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp number| google_lpabyc object| googletag object| GoogleGcLKhOms

23 Cookies

Domain/Path Name / Value
securityaffairs.com/ Name: cookielawinfo-checkbox-necessary
Value: yes
securityaffairs.com/ Name: cookielawinfo-checkbox-non-necessary
Value: yes
.securityaffairs.com/ Name: _ga_NPN4VEKBTY
Value: GS1.1.1683813579.1.0.1683813579.60.0.0
.securityaffairs.com/ Name: _ga
Value: GA1.1.1917688529.1683813580
.securityaffairs.com/ Name: _ga_P62M3QN974
Value: GS1.1.1683813579.1.0.1683813579.0.0.0
.securityaffairs.com/ Name: __gads
Value: ID=706a1144bd57dd3a-22de9e48c9dd005a:T=1683813579:RT=1683813579:S=ALNI_MZmdDArWMUQlUXvl6lXSAtK31x9Xg
.securityaffairs.com/ Name: __gpi
Value: UID=00000bf094afeda5:T=1683813579:RT=1683813579:S=ALNI_Ma4pu5hiKSwlUGTqWNiejK55eIDkA
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUnE_0XlH0Pna_GELu4EonDmQB-euECuNl2094uyVAOi4aYJAYEsCQwPNjZLS3E
.quantserve.com/ Name: d
Value: EEsBCQH7KIEA
.quantserve.com/ Name: mc
Value: 645cf4cd-ecef6-f4812-1ba0f
.ctnsnet.com/ Name: cid_3360966f72e042deb0bd15b4f02d4eff
Value: 1
.ctnsnet.com/ Name: gid_CAESEN9WaLm07ocCorrjd-sAxwM
Value: 1
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22BAAF379F-730F-4FCB-B57B-B9F628BFD597%22%7D
.mathtag.com/ Name: uuid
Value: ad6f645c-f4ce-4500-ae0b-b4b426cd1679
.mathtag.com/ Name: mt_mop
Value: 4:1683813582
.turn.com/ Name: uid
Value: 3796847164823760315
.bidswitch.net/ Name: tuuid
Value: f167fd99-c49b-456e-a95b-8273af0a17a0
.bidswitch.net/ Name: c
Value: 1683813582
.bidswitch.net/ Name: tuuid_lu
Value: 1683813582
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwMrcwMjI2MTU2NRXiM9QtTgvzLdQ1NUqPd3EDAD69YkglAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1vFwmtoZmFsYWhsamFkZGIAANRvBz4QAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwMrcwMjI2MTU2NRXiM9QtTgvzLdQ1NUqPd3EDAD69YkglAAAA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.turn.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
buttons-config.sharethis.com
cm.g.doubleclick.net
cms.quantserve.com
dis.criteo.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
i0.wp.com
l.sharethis.com
match.adsrvr.org
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.wp.com
platform-api.sharethis.com
r.turn.com
region1.analytics.google.com
region1.google-analytics.com
secure.gravatar.com
securityaffairs.com
stats.g.doubleclick.net
stats.wp.com
sync-tm.everesttech.net
sync.mathtag.com
sync.teads.tv
tpc.googlesyndication.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
sync-tm.everesttech.net
104.111.217.42
108.157.4.125
142.250.185.162
178.250.1.9
185.29.134.248
192.0.76.3
192.0.77.2
193.0.160.131
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
2600:9000:224a:3800:c:abe:f440:93a1
2606:4700:3031::ac43:8cd3
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:803::2004
2a00:1450:4001:809::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:810::2002
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::200a
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:830::2002
2a00:1450:4001:831::2003
2a00:1450:400c:c0c::9c
2a04:fa87:fffe::c000:4902
3.67.131.231
35.186.193.173
35.190.0.66
35.71.131.137
51.75.86.98
52.28.99.188
00f5745662458cf2de267fcb9f663214d0809e064dc2310072a6f8b1739bfb4c
01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780
0255909b7cb5511843e8e9d6414f99d023237cdb954705d68c4ff0d3cd752d6b
0b615436e568e22c620a4da8f4f67aef0f2634f7087e9e179d9c1f6958890fd2
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f15cc4cd8b473731e005ce00c1dcbda3d2bc464bb05f8838eb9c0a5991323fb
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
1009b5a8852ca3fdbdacabac3778cf9dea8f91a58d36466a5fe20d0441ead1f7
12e29fa8c4f9d7702cdea6663458a4084007fe4521117610c456c54e6644e07c
1416a90f03f455a4b93981e7bb106106e7b1e9f8bafbff4b2f62e73f985abc7a
1528c535d339849cea1f4b18416229bd962819949c62574dcd184cdfa6d056b2
15b996ebfee45a49a5cac85ad69d748379099e6a409766e53cf0eb33608677fb
167bdead3314274ec6816ae851d767dd0ca9d1f9a2858b8ed0f1820657096097
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1832a6ee34745b08b1fcae42c24468086358b43071d7679a738951aa7dc243ea
18d61b5ee68a57bd7a4733f776f9f8aa5c353e7f35a420881523b6edbf7c6b19
2199990352edbb7ec586e01d26e2f6a7010a2fce1517711019b614dcec353ba3
22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27b011cf9ead3918926e26d088502758cc32fc28d33abc3a7617236ccaf6a8b9
28275dbcd3747f460a53102bb9dad566db20349335371cef756c72f4ab155431
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d0ee8b9f5976ae2dc3eefb7aace301d8540ad3d5f01c88f5049b3b7257a1d2f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3570b0809823e912b040bb8d99048d5e85ceabf830ef064e306c0a1901a08e11
36472440fa866dc5b243c1073203c39dea80a7ab2d97ee58da5847a8c7795781
388ff8378ed381977a3107f841161bcc931254cd73f987823551f9ad92781c53
3a7920805c979437e23450158db1c08ed6a95020494bf7c4f0a5c87db6d8c456
3f9f8b52529681e544fbc3f8adcaa0841fb3e9b96904c64e34937b264243bfd8
4485dc3684588728bba3e5fbbe902c36ad1ec1b47480cc62c911a9403bafecc3
45185c8f6cd2f9b42e3a02b78af40edc7d61328fac3167a0490c9c69bbecaaa6
477e598ecc74899e1f4e0616bd6799dee77772a9935fdb63e335a7f65a7f102b
47d522563a9f514094ee94ebcee33b1ab88ba91d5639393beecd18be1fd27c15
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
494335b97e979d902568b469f013b9429dc6324c9140ee9e6388a5186dc854ce
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51df3ca60fafe5df2786ce34c4b6dff5af9bb0a061f1808783f65bb1016e016d
5525d57ced576560de8777ea78e4bc0c9d55396c0b668a7563b354de9c165aee
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cbf31f01d7d1ce4853bcd6cc64dbfd103d412ec14d8bcc4ebca3b35dc3f3b74
610f268002d4c515cff058e426f770e482dee885391de177da6eedb88f9dcb9b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6570eb1a62ef4617668b14c0bc9d38a555ca3c31b71e45f6eb8b3565d15f509c
699e8cb3d0af7f12172315152a58cf8154526ddc2ee3d29ed8861218e9cf91a2
6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235
6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550
712245bc5809f8696a266cf2aac1ab0558f2af633f59cdb6898f7d2606cc2860
73e52be898a7afbbfa119fdb5a95ca82c2b914da8d756404f7e5c7e0b6ff1928
751ae0b0e7b20fc45203c90e0c3391e1aa983f57327fb31d96dda46f7232ad45
76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975
77a97368f8991ef6bcba68e58a58f0aa3aaa1e61b687bb5f2c7930d12800de13
7c11433c4dc7cf18972c22ca0f2cf78493b92aaf89bab4dab47c6c9b6c551d50
7c4baf058901663c6879894c0067cf923fa200cb95a0a4c25b1471a62c2a63c8
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
84ea04c662d6268be3e6fee411f01195c27dc9b8b23c6be258a586f7e0a238a6
8a8c0bd86eee0230682ed29c5e30936b6b14ab02e1586692840ef8ea4de9dda6
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
90b1f6082b0cf09c59ad2a5b87d3e0ab87eadf37c9b0b791318adfaae1a4b0d4
914c2c38bcf8be8ae0bb37e800573341c8134e54b5ced5303c1d3f172d7e6c96
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
95d19d87f29a6ea4e274e3681e839eac392e30647f4d373841c3c9c30749b64b
9701e3cc721b444361494b8586b90ce11a0a0fc7964c0220e2263dd836d0a254
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a04aa9666a49a1c434d7e44268f399e0c1dc1b306a2cc6f3414551364c217b4d
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0fded691aed767f851011cd3185b928619298a21a0fbdad4808a9e88b490833
a37deb9dd04cdebb5a80730395780332c03ec667693b3ddb06d8983157679d64
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ea1f3c6951b71eb83050cd630f9c7c1c736b5b277d38a0e4465d80a5e53d4d
a93c1ac24fad6ffb0de84e1f56b111e8b177d68a2948ffe1c87d9c02bb68b2d1
a9f748be7135ff574ba77c4b51b9dc8336e453ceed4141bb0fdde767a47c3701
a9f8fb53562ae09e299c4f10a21f062c0324bbf454c6776c1f7b2891f395a25f
aea607f39789d4cc03dd33d5518a1e53d419c379c618b7a19d6e3a06f4f14d56
b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69
b12c1cd811f54d11bfdcb5e235e73934a8b8a7a85eafb8529117f9a5bb64ccf8
b1f4247657f994f6c9520c982ab95f953ee1c052706594d74f521cae670cf8be
b33e3ff7c01e9eb947faf1bd0dd31d3d210ff9fdf809f2db3938b5b865b9cc31
b5643c5e548ec3aab5786c3845bce65a8ab30d48b62ba2586373ff84589ea13d
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
bea141b0e1c016faface442cf56dae318f97789bea95d633da28014d5233a934
c31c872bd1b263e86b8127059907e0c7e94c0985a85acd24d856f4d9aa294db9
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c755f2e4b480bdcbaa48102ba8a6564aa09c334cdeac89d996a6a81452658194
c9b6164ccc60fa98562a1d315d63a961a7ffa16183117a6a5f6d5bf3893283c0
ceb6d0c8321627007c1ca8f7de8f5fafc5a7140cceabe7d8adce562fc4885de7
d5133a1035cbf203be573cc6e15a2d4f8477b62568bea772b2192dc68c4980e5
d6f712bb063293806236d362715f5f3f134ddeb3da95e66f7f7d5f1311975296
d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e
db4312bece8d50799c3e99a316a58218a527df0f25b93c3e075e04712e20cacf
de4da7cafb54bd5dc09d4f57132c6b3924ea775c9b15350c926bf67b3a4c69ba
e058b9094d6d245d87eba1dfd108e46a61686e05da30eac2f0a44e2c0470775d
e2a3522e6e082fa56d0eb9bf893a6bddc957911a05ff9a35a1c5e6982abe583e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e63ce5b7ed21eed9e79e149fd15071f7d52af26b7b50b23af810cfe3b50f7a1a
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ee86b02e97bfb8f83af87a4f7991c713e1e90dce091524c0c675b393091b6ff7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c6d2d27de284102b03e30cd74be808801ec53ca49f30b4d15620ee84ea39f5
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f433cf705873a9b5248c8833edae2bc34a8698e9acf4a3ee9dcbd96f06ddad8b
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5b08448c5f7e23a7de0c1eb3f33b9bd5c06fec0096eb0baea74267400b07baa
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fa7e842c3d836663b279c12a0bdd0baca93227732234da6e2db6ba1a28d59aea
fbe329e68d02bf400d47f86bb2728739171c2aec4abcba995d7467f0f62cf8ec
fbefb7a1468c18b746b0bc77f66da5ed989ef3c94ccbe74563081e193f81a8c3
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4