securityonline.info Open in urlscan Pro
3.126.196.163 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
Submission: On October 29 via manual (October 29th 2020, 10:45:52 am UTC) from GB

Summary HTTP 416 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 42 IPs in 8 countries across 31 domains to perform 416 HTTP transactions. The main IP is 3.126.196.163, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is securityonline.info.
TLS certificate: Issued by Let's Encrypt Authority X3 on October 29th 2020. Valid for: 3 months.

This is the only time securityonline.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 95	3.126.196.163 3.126.196.163	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
9	2606:4700:303... 2606:4700:3035::681c:b6f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.210.249.92 23.210.249.92	16625 (AKAMAI-AS) (AKAMAI-AS)
85	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
14	18.156.95.187 18.156.95.187	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:815::2003	15169 (GOOGLE) (GOOGLE)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	136.144.59.88 136.144.59.88	54825 (PACKET) (PACKET)
3	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
1	184.31.84.150 184.31.84.150	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
13	52.50.254.113 52.50.254.113	16509 (AMAZON-02) (AMAZON-02)
2 3	216.52.2.48 216.52.2.48	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1	185.33.220.145 185.33.220.145	29990 (ASN-APPNEX) (ASN-APPNEX)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
3 16	2a00:1450:400... 2a00:1450:4001:817::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f01... 2a03:2880:f01c:800e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
1	151.101.112.84 151.101.112.84	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:816::2001	15169 (GOOGLE) (GOOGLE)
109	2a00:1450:400... 2a00:1450:4001:814::2001	15169 (GOOGLE) (GOOGLE)
1	34.120.207.148 34.120.207.148	15169 (GOOGLE) (GOOGLE)
1	63.33.218.134 63.33.218.134	16509 (AMAZON-02) (AMAZON-02)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 3	23.210.249.164 23.210.249.164	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:20d... 2600:9000:20d7:fa00:2:cb38:840:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
1 3	2.19.34.195 2.19.34.195	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:20d... 2600:9000:20d7:a00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2 4	172.217.21.230 172.217.21.230	15169 (GOOGLE) (GOOGLE)
416	42

95 3.126.196.163 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com

securityonline.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:3035::681c:b6f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-0.securityonline.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.210.249.92 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-92.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

85 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 18.156.95.187 (United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com

g.ezoic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:815::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 136.144.59.88 (United States)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.89.9.253 (Germany)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.31.84.150 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 52.50.254.113 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-254-113.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.52.2.48 (United States) 2 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.220.145 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:817::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:800e:face:b00c:0:2 (Ireland)

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.84 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

api.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:816::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

f0879daebb30551979ff6acc5c1ecf72.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

109 2a00:1450:4001:814::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.207.148 (United States)

ASN15169 (GOOGLE, US)
PTR: 148.207.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.33.218.134 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-218-134.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.210.249.164 (Netherlands) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-164.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20d7:fa00:2:cb38:840:93a1 (United States)

ASN16509 (AMAZON-02, US)

go.ezoic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.19.34.195 (Ascension Island) 1 redirects

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-19-34-195.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20d7:a00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.21.230 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s13-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
104	securityonline.info 1 redirects securityonline.info cdn-0.securityonline.info	474 KB
92	doubleclick.net 2 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net ad.doubleclick.net	297 KB
71	googlesyndication.com pagead2.googlesyndication.com f0879daebb30551979ff6acc5c1ecf72.safeframe.googlesyndication.com tpc.googlesyndication.com	815 KB
51	ampproject.org cdn.ampproject.org	1 MB
21	google.com 3 redirects adservice.google.com www.google.com cse.google.com clients1.google.com	170 KB
15	ezoic.net g.ezoic.net go.ezoic.net	2 KB
13	gumgum.com g2.gumgum.com	12 KB
10	gstatic.com fonts.gstatic.com	121 KB
7	googleapis.com fonts.googleapis.com	5 KB
5	google-analytics.com ssl.google-analytics.com www.google-analytics.com	36 KB
4	criteo.com 1 redirects bidder.criteo.com gum.criteo.com mug.criteo.com	1 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	lijit.com 2 redirects ap.lijit.com	2 KB
3	casalemedia.com 2 redirects htlb.casalemedia.com ssum.casalemedia.com	7 KB
3	onetag-sys.com onetag-sys.com	534 B
3	a-mo.net prebid.a-mo.net	1 KB
3	pubmatic.com ads.pubmatic.com hbopenbid.pubmatic.com	78 KB
2	quantserve.com secure.quantserve.com pixel.quantserve.com	9 KB
2	criteo.net static.criteo.net	48 KB
2	google.de adservice.google.de www.google.de	1 KB
1	quantcount.com rules.quantcount.com	347 B
1	indexww.com js-sec.indexww.com
1	adsrvr.org match.adsrvr.org	545 B
1	rlcdn.com api.rlcdn.com	330 B
1	googletagservices.com www.googletagservices.com	27 KB
1	googleadservices.com partner.googleadservices.com	411 B
1	pinterest.com api.pinterest.com	391 B
1	facebook.com graph.facebook.com	639 B
1	adnxs.com ib.adnxs.com	716 B
1	onesignal.com cdn.onesignal.com	3 KB
1	googletagmanager.com www.googletagmanager.com	38 KB
416	31

	Domain	Requested by
95	securityonline.info	1 redirects securityonline.info
83	securepubads.g.doubleclick.net	securityonline.info securepubads.g.doubleclick.net
58	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com securityonline.info cdn.ampproject.org securepubads.g.doubleclick.net
51	cdn.ampproject.org	securepubads.g.doubleclick.net
16	www.google.com	3 redirects www.google.com securityonline.info
14	g.ezoic.net	securityonline.info
13	g2.gumgum.com	securityonline.info
10	fonts.gstatic.com	fonts.googleapis.com
10	pagead2.googlesyndication.com	securityonline.info pagead2.googlesyndication.com
9	cdn-0.securityonline.info	securityonline.info
7	fonts.googleapis.com	securityonline.info securepubads.g.doubleclick.net
4	ad.doubleclick.net	2 redirects securityonline.info
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com securityonline.info
3	sb.scorecardresearch.com	1 redirects go.ezoic.net
3	f0879daebb30551979ff6acc5c1ecf72.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	ap.lijit.com	2 redirects securityonline.info
3	onetag-sys.com	securityonline.info
3	prebid.a-mo.net	securityonline.info
3	ssl.google-analytics.com	securityonline.info
2	ssum.casalemedia.com	2 redirects
2	static.criteo.net	securityonline.info static.criteo.net
2	cse.google.com	securityonline.info www.google.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	gum.criteo.com	1 redirects static.criteo.net
2	ads.pubmatic.com	securityonline.info
2	adservice.google.com	securityonline.info pagead2.googlesyndication.com
1	pixel.quantserve.com
1	rules.quantcount.com	secure.quantserve.com
1	secure.quantserve.com	go.ezoic.net
1	go.ezoic.net	securityonline.info
1	js-sec.indexww.com	securityonline.info
1	match.adsrvr.org	ads.pubmatic.com
1	api.rlcdn.com	ads.pubmatic.com
1	clients1.google.com	securityonline.info
1	www.google.de	securityonline.info
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	api.pinterest.com	cdn-0.securityonline.info
1	graph.facebook.com	cdn-0.securityonline.info
1	mug.criteo.com	securityonline.info
1	hbopenbid.pubmatic.com	securityonline.info
1	ib.adnxs.com	securityonline.info
1	htlb.casalemedia.com	securityonline.info
1	bidder.criteo.com	securityonline.info
1	cdn.onesignal.com	securityonline.info
1	www.googletagmanager.com	securityonline.info
416	48

This site contains links to these domains. Also see Links.

Domain
silktide.com
itm4n.github.io
github.com
www.facebook.com
www.twitter.com
www.youtube.com
www.paypal.com
meterpreter.org
g.ezoic.net

Subject Issuer	Validity	Valid
securityonline.info Let's Encrypt Authority X3	`2020-10-29` - `2021-01-27`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-18` - `2021-07-18`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2020-02-26` - `2021-05-27`	a year	crt.sh
ezoic.net Let's Encrypt Authority X3	`2020-09-25` - `2020-12-24`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2020-09-04` - `2020-12-03`	3 months	crt.sh
*.a-mo.net Let's Encrypt Authority X3	`2020-10-07` - `2021-01-05`	3 months	crt.sh
onetag-sys.com Let's Encrypt Authority X3	`2020-09-02` - `2020-12-01`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.gumgum.com Amazon	`2020-07-03` - `2021-08-03`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2020-03-11` - `2021-05-10`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-09-11` - `2020-12-10`	3 months	crt.sh
*.pinterest.com DigiCert SHA2 High Assurance Server CA	`2020-07-16` - `2021-08-04`	a year	crt.sh
*.google.de GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-14` - `2021-04-23`	a year	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2020-09-04` - `2020-12-03`	3 months	crt.sh
*.ezoic.net Amazon	`2020-03-15` - `2021-04-15`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-07-17` - `2021-06-02`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh

This page contains 20 frames:

Primary Page: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
Frame ID: 84DAA78972A1F8458C610B5ED7B6A9C5
Requests: 267 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201026/r20190131/zrt_lookup.html
Frame ID: C1526709B23C45A341F4FCD6DD9F90F2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6396844742497208&output=html&adk=1812271804&adf=3025194257&lmt=1603968336&plaf=1%3A2%2C2%3A2%2C3%3A2%2C4%3A2%2C5%3A2&plat=1%3A32904%2C2%3A16810120%2C8%3A128%2C9%3A32904%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C27%3A128%2C30%3A1081472%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1603968336408&bpp=5&bdt=496&idt=121&shv=r20201026&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8318106190623&frm=20&pv=2&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_fc=1&ga_wpids=UA-124345349-20&iag=0&icsg=4236130531278850&dssz=106&mdo=0&mso=2048&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44726948%2C21067105%2C21067166%2C21067466%2C44730556&oid=3&pvsid=2079961931876282&pem=176&rx=0&eae=2&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=140
Frame ID: D975D1732EB99A4071494E33F72BBC7D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/218/runner.html
Frame ID: C8A9F1EB9BD5D858C6744B56EA52603A
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.js
Frame ID: FBF61442C7A043C85478BB6D3E83E872
Requests: 18 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=securityonline.info
Frame ID: 033A889B87282E75311944E208A40E53
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 0DBAE1427EFC88426D9745A1F4119994
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 1777EB1468A63C84C3204FF39D9EE828
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1603968336426
Frame ID: C9AC39423AD5AB3425E2EC1C41489074
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.js
Frame ID: BA00EAF1D5FD83324A2B4D465624F5C4
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.js
Frame ID: E201DAB9B818A343936C19CCC53EBC6A
Requests: 22 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.js
Frame ID: 99E708CFE26DD9EFD438CD5DC530BFC4
Requests: 14 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.js
Frame ID: 87ACCD9EF8EC49CE3928933951F90CCA
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.js
Frame ID: 673EC8E9D4D15232A1792A71C7E94694
Requests: 14 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.js
Frame ID: 4173C18CF8DAEBBCCE65FE4750BDD172
Requests: 17 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.js
Frame ID: B535B755D0FAC1921C167FE2BCBEF575
Requests: 18 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.js
Frame ID: 0C42072CAB06DA846359F0BFA91BA499
Requests: 11 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.js
Frame ID: 16C1220D0DFD135DB6A206683A1FAD80
Requests: 12 HTTP requests in this frame

Frame: https://f0879daebb30551979ff6acc5c1ecf72.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 53480DD979C7EA12357F5BB96D7E8DC8
Requests: 1 HTTP requests in this frame

Frame: https://f0879daebb30551979ff6acc5c1ecf72.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 04C69BEA66D1511429B383E9FBFF3D78
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019 HTTP 301
https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

416
Requests

100 %
HTTPS

54 %
IPv6

31
Domains

48
Subdomains

42
IPs

8
Countries

3222 kB
Transfer

8615 kB
Size

32
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: http://silktide.com/cookieconsent
Title: Cookie Consent plugin for the EU cookie law

Search URL Search Domain Scan URL

URL: https://itm4n.github.io/printspoofer-abusing-impersonate-privileges/
Title: For more information

Search URL Search Domain Scan URL

URL: https://github.com/itm4n/PrintSpoofer/releases
Title: Download

Search URL Search Domain Scan URL

URL: https://www.facebook.com/DdoS-109131310571187/

Search URL Search Domain Scan URL

URL: https://www.twitter.com/the_yellow_fall

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/penetrationtestingwithddos

Search URL Search Domain Scan URL

URL: https://github.com/FreelancePentester

Search URL Search Domain Scan URL

URL: https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=freelance%2epentester%40yahoo%2ecom&lc=GB&currency_code=USD&bn=PP%2dDonationsBF%3abtn_donateCC_LG_global%2egif%3aNonHosted

Search URL Search Domain Scan URL

URL: https://meterpreter.org/category/vulnerability/feed/

Search URL Search Domain Scan URL

URL: https://meterpreter.org/
Title: Suggested Reading

Search URL Search Domain Scan URL

URL: https://meterpreter.org/cve-2020-3992-vmware-esxi-remote-code-execution-vulnerability-alert/
Title: CVE-2020-3992: VMWARE ESXI Remote Code Execution Vulnerability Alert

Search URL Search Domain Scan URL

URL: https://meterpreter.org/oracle-critical-patch-update-october-2020-fixed-421-vulnerabilities/
Title: Oracle Critical Patch Update October 2020 fixed 421 vulnerabilities

Search URL Search Domain Scan URL

URL: https://meterpreter.org/cve-2020-24407-cve-2020-24400-adobe-magento-file-upload-allow-list-bypass-sql-injection-vulnerabilities-alert/
Title: CVE-2020-24407, CVE-2020-24400: Adobe Magento File Upload Allow List Bypass/SQL Injection Vulnerabilities Alert

Search URL Search Domain Scan URL

URL: https://meterpreter.org/cve-2020-16922-windows-spoofing-vulnerability-alert/
Title: CVE-2020-16922: Windows Spoofing Vulnerability Alert

Search URL Search Domain Scan URL

URL: https://meterpreter.org/cve-2020-17023-visual-studio-json-remote-code-execution-vulnerability-alert/
Title: CVE-2020-17023: Visual Studio JSON Remote Code Execution Vulnerability Alert

Search URL Search Domain Scan URL

URL: https://g.ezoic.net/privacy/securityonline.info
Title: Read more

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019 HTTP 301
https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsecurityonline.info%2F&domain=securityonline.info&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=cLZoeXxXZUh2R1MrcUIycDVHOVhqSW02cG0xNmdRRTMwZVJzVTlyRkNyQ3JPbitIcjRQWmpCOUNHbVEwOXljcnRBRmpaRk02ZHRqb2VFWHl2N1BZallKamRmSnU0V29oazM2WTkyVnZ5RHM5RVJrQVBicUg5OHlCTEI1bzh5N3JSOEVXQ1pzYUsvOEN6ckVrMzRwNHZ6Yk53aDl6SFkrbER1anhTS0p2NlFvZ2hFdzlyUkdXTnB4OHV6eFFXLzR5WUJIR3R2YkEyeldpOWNWRnFvZVI4Z2JqZ2xvZjc5TkRJR0dmNlpmcUdCLzNraExnPXw&cppv=2

Request Chain 70

https://www.google.com/cse/cse.js?cx=000577952335514451944:olq_fi17mqa HTTP 302
https://cse.google.com/cse/cse.js?cx=000577952335514451944:olq_fi17mqa

Request Chain 155

https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D3c65bb9e-ab92-4a03-9cf4-8236a260bb33%26D%3D%26bidder%3Dindex_rtb%26uid%3D HTTP 302
https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D3c65bb9e-ab92-4a03-9cf4-8236a260bb33%26D%3D%26bidder%3Dindex_rtb%26uid%3D&C=1 HTTP 302
https://prebid.a-mo.net/setuid?A=3c65bb9e-ab92-4a03-9cf4-8236a260bb33&D=&bidder=index_rtb&uid=X5qdU-6wd3LNENRcjeEtKgAA%261113

Request Chain 156

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D3c65bb9e-ab92-4a03-9cf4-8236a260bb33%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D3c65bb9e-ab92-4a03-9cf4-8236a260bb33%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://prebid.a-mo.net/setuid?A=3c65bb9e-ab92-4a03-9cf4-8236a260bb33&D=&bidder=sovrn&uid=de3199b9105fbff83aef60cd

Request Chain 196

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 219

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 252

https://sb.scorecardresearch.com/b?c1=2&c2=20015427&ns__t=1603968341942&ns_c=UTF-8&cv=3.5&c8=PrintSpoofer%3A%20Abusing%20Impersonation%20Privileges%20on%20Windows%2010%2FServer%202019&c7=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=20015427&ns__t=1603968341942&ns_c=UTF-8&cv=3.5&c8=PrintSpoofer%3A%20Abusing%20Impersonation%20Privileges%20on%20Windows%2010%2FServer%202019&c7=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&c9=&cs_ak_ss=1

Request Chain 382

https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B23768030.267046128;dc_trk_aid=461813794;dc_trk_cid=106332843;ord=962009389;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B23768030.267046128;dc_pre=CJi3z9rP2ewCFZ2rdwodt5EIrQ;dc_trk_aid=461813794;dc_trk_cid=106332843;ord=962009389;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=

Request Chain 394

https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B23768030.267046128;dc_trk_aid=461813794;dc_trk_cid=106332843;ord=396746923;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B23768030.267046128;dc_pre=CIa7z9rP2ewCFeFQ5QodZb8CSg;dc_trk_aid=461813794;dc_trk_cid=106332843;ord=396746923;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=

416 HTTP transactions
13 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
Redirect Chain

https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019
https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/

167 KB
29 KB

837ms
836ms

Document
text/html

3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-196-163.eu-central-1.compute.amazonaws.com

Software

nginx/1.16.0 /

Resource Hash

436d1c7cde9d97909adad17f1f2b6555ec17bd117da141a0c83efd4e35f71d3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: securityonline.info
:scheme: https
:path: /printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 29 Oct 2020 10:45:35 GMT
display: pub_site_sol
expires: Wed, 28 Oct 2020 10:45:35 GMT
pagespeed: off
response: 200
server: nginx/1.16.0
set-cookie: ezoadgid_124533=-1; Path=/; Domain=securityonline.info; Expires=Thu, 29 Oct 2020 11:15:35 UTC ezoref_124533=; Path=/; Domain=securityonline.info; Expires=Thu, 29 Oct 2020 12:45:35 UTC ezoab_124533=mod21; Path=/; Domain=securityonline.info; Expires=Thu, 29 Oct 2020 12:45:35 UTC active_template::124533=pub_site.1603968335; Path=/; Domain=securityonline.info; Expires=Sat, 31 Oct 2020 10:45:35 UTC ezopvc_124533=1; Path=/; Domain=securityonline.info; Expires=Thu, 29 Oct 2020 11:15:35 UTC ezepvv=0; Path=/; Domain=securityonline.info; Expires=Fri, 30 Oct 2020 10:45:35 UTC lp_124533=https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/; Path=/; Domain=securityonline.info; Expires=Thu, 29 Oct 2020 12:45:35 UTC ezovid_124533=1194554330; Path=/; Domain=securityonline.info; Expires=Thu, 29 Oct 2020 11:15:35 UTC ezovuuidtime_124533=1603968335; Path=/; Domain=securityonline.info; Expires=Sat, 31 Oct 2020 10:45:35 UTC ezovuuid_124533=5b554baa-3bc0-4ccd-7c94-f16953dbcada; Path=/; Domain=securityonline.info; Expires=Thu, 29 Oct 2020 11:15:35 UTC ezCMPCCS=true; Path=/; Domain=securityonline.info; Expires=Fri, 29 Oct 2021 10:45:35 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding Accept-Encoding
x-middleton-display: pub_site_sol
x-middleton-response: 200
x-sol: pub_site

Redirect headers

status: 301
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 29 Oct 2020 10:45:35 GMT
display: staticcontent_sol
expires: Wed, 28 Oct 2020 10:45:35 GMT
location: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
pagespeed: off
response: 301
server: nginx/1.16.0
strict-transport-security: max-age=31536000
vary: Accept-Encoding Origin,Accept-Encoding
x-middleton-display: staticcontent_sol
x-middleton-response: 301
x-pingback: https://securityonline.info/xmlrpc.php
x-redirect-by: WordPress
x-sol: pub_site
content-length: 513

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
832 B 36ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=securityonline.info

Requested by

Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Oct 2020 10:45:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 dall3270.js Show response
securityonline.info/porpoiseant/ 362 KB
102 KB 47ms
47ms Script
application/javascript 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://securityonline.info/porpoiseant/dall3270.js?cb=191-2
Requested by: Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 0b95a3a8861b0ca2198fb54800d3c398d52817f49ca4672fb8ebbb2138edbe48

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:35 GMT
content-encoding: br
last-modified: Thu, 22 Oct 2020 19:41:44 GMT
server: nginx/1.16.0
etag: "5a8c0-5b247a75f0e00;5b247a75f0e00-gzip"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000, public
accept-ranges: bytes

GET
H2 200 boise.js Show response
securityonline.info/detroitchicago/ 983 B
488 B 28ms
24ms Script
application/javascript 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://securityonline.info/detroitchicago/boise.js?gcb=191-2&cb=1
Requested by: Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 41eb9054d5d5527274926b32631be8eb22dd6254f15a4d9d14cfe2688ea4f538

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:36 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
status: 200
x-middleton-display: sol-js
cache-control: max-age=31536000, public
content-length: 426

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 94 KB
38 KB 46ms
22ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-63315582-2

Requested by

Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

56dfe6376f14d728ef1a7aa14099f52305767ebff8963759be76d7828e15962d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:36 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37960
x-xss-protection: 0
last-modified: Thu, 29 Oct 2020 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 29 Oct 2020 10:45:36 GMT

GET
H2 200 css
fonts.googleapis.com/ 10 KB
908 B 18ms
15ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu:400,400italic,300italic,300,700&subset=latin,latin-ext

Requested by

Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

52df8a245d91ed0c010c160750e959934e80caf88d6f0e96c26f5354c88781e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 29 Oct 2020 10:45:35 GMT
server: ESF
date: Thu, 29 Oct 2020 10:45:35 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Oct 2020 10:45:35 GMT

GET
H2 200 br0pk.css
cdn-0.securityonline.info/wp-content/cache/wpfc-minified/2y1t9d76/ 155 KB
25 KB 64ms
18ms Stylesheet
text/css 2606:4700:3035::681c:b6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-0.securityonline.info/wp-content/cache/wpfc-minified/2y1t9d76/br0pk.css?ff=1&wps=true
Requested by: Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:b6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d69a25e21a7f5a43376d8f91b3e2f5aed453da3b2a5bb45b80b13bce87361d79

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:35 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding,Origin
cf-cache-status: HIT
x-sol: orig
age: 5042782
cf-polished: origSize=158369
status: 200
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
cf-request-id: 06158f985f000005dceb064000000001
pragma: public
response: 200
last-modified: Fri, 28 Aug 2020 00:49:20 GMT
server: cloudflare
etag: W/"5f0c3b34-2693c-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=c%2F59Sn%2FCxbXniqOkEAcQeAtKIHE2fzZ%2BSSy3VndhaM6CROS9FTUaetqgd1cnenvdwNCmaKA5wja9T5fk2Urpz0UIbN%2BQsGsCtfHVGmGpx8xlw6%2B22hjdxJ%2FEARMQ1ky1nMHWaz%2FE"}],"group":"cf-nel","max_age":604800}
content-type: text/css
expires: Thu, 01 Oct 2020 01:59:13 GMT
cache-control: public, max-age=31536000
cf-ray: 5e9c4ed3caa105dc-FRA
display: staticcontent_sol, orig_site_sol
cf-bgj: minify

GET
H2 200 br0pk.css
cdn-0.securityonline.info/wp-content/cache/wpfc-minified/7z76zcfw/ 57 KB
12 KB 67ms
21ms Stylesheet
text/css 2606:4700:3035::681c:b6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-0.securityonline.info/wp-content/cache/wpfc-minified/7z76zcfw/br0pk.css?ff=1&wps=true
Requested by: Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:b6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7bd6ba996aaa9583f93316051574f62058bf393715778a58dc3c86079f3a321

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:35 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding,Origin
cf-cache-status: HIT
x-sol: orig
age: 605022
status: 200
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
cf-request-id: 06158f985f000005dce21dc000000001
pragma: public
response: 200
last-modified: Thu, 15 Oct 2020 17:24:47 GMT
server: cloudflare
etag: W/"5f0c3b34-e3ec-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=t3SeZsjCuc42dGfDC1J66avetSHPpdrjsjNDK10yqRmBqojhrrD%2FNwCEsSdhHV0KcPGffybYDcBUusoffYwptxLMilk8dwpMv%2F3p4farzbROiCY6BxLz7CelhHsRaqyCDtgHz%2Bdc"}],"group":"cf-nel","max_age":604800}
content-type: text/css
expires: Sat, 21 Nov 2020 10:41:53 GMT
cache-control: public, max-age=31536000
cf-ray: 5e9c4ed3caa205dc-FRA
display: staticcontent_sol, orig_site_sol
cf-bgj: minify

GET
H2 200 3u80x.js Show response
cdn-0.securityonline.info/wp-content/cache/wpfc-minified/kl22a9fh/ 142 KB
50 KB 68ms
22ms Script
application/javascript 2606:4700:3035::681c:b6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-0.securityonline.info/wp-content/cache/wpfc-minified/kl22a9fh/3u80x.js
Requested by: Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:b6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bee892d451bec22710e7342576780de52825fd4a6d256b0e1f0c7ec1e26c3fc

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6754094
cf-polished: origSize=145463
status: 200
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
cf-request-id: 06158f985f000005dcf7a5e000000001
pragma: public
response: 200
last-modified: Wed, 12 Aug 2020 04:24:29 GMT
server: cloudflare
etag: W/"5f336efd-23837-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FsWg472WEa8DZtHgPM9oG%2FajDy2sLQZMDDat40%2B18Fp%2FdPALtVI3uMfFx0E5gmYHIYNfTRTy8Ru%2Bes9ospDZd9NC4Z2JUijgB4FI4LMCCycDpYNEsfT3YaNmbXcRSu6SUDQ%2BwOOk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
expires: Fri, 11 Sep 2020 06:37:21 GMT
cache-control: public, max-age=31536000
cf-ray: 5e9c4ed3caa405dc-FRA
display: staticcontent_sol, staticcontent_sol
cf-bgj: minify

GET
H2 200 fa-brands-400.woff2
securityonline.info/wp-content/themes/hueman/assets/front/webfonts/ 75 KB
75 KB 577ms
575ms Font
font/woff2 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://securityonline.info/wp-content/themes/hueman/assets/front/webfonts/fa-brands-400.woff2?v=5.12.1

Requested by

Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-196-163.eu-central-1.compute.amazonaws.com

Software

nginx/1.16.0 /

Resource Hash

089630244600f33230010f5e04c67419ec642c5228540adb42e3fe92c631e6bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://securityonline.info
Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:36 GMT
content-encoding: br
vary: Accept-Encoding, Origin,Accept-Encoding
display: staticcontent_sol, staticcontent_sol
status: 200
x-middleton-display: staticcontent_sol, staticcontent_sol
strict-transport-security: max-age=31536000
response: 200
last-modified: Thu, 22 Oct 2020 19:41:44 GMT
server: nginx/1.16.0
etag: "5f90fc65-12b04-gzip"
access-control-max-age: 1728000
access-control-allow-methods: POST, GET, OPTIONS
content-type: font/woff2
access-control-allow-origin: https://securityonline.info
x-middleton-response: 200
cache-control: public, max-age=2592000

GET
H2 200 fa-regular-400.woff2
securityonline.info/wp-content/themes/hueman/assets/front/webfonts/ 13 KB
13 KB 389ms
387ms Font
font/woff2 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://securityonline.info/wp-content/themes/hueman/assets/front/webfonts/fa-regular-400.woff2?v=5.12.1

Requested by

Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-196-163.eu-central-1.compute.amazonaws.com

Software

nginx/1.16.0 /

Resource Hash

093f782260d70f914e7e591eba1502d3e992e9f7a69a17d1df6c32bcddd6f06a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://securityonline.info
Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:36 GMT
content-encoding: br
vary: Accept-Encoding, Origin,Accept-Encoding
display: staticcontent_sol, staticcontent_sol
status: 200
x-middleton-display: staticcontent_sol, staticcontent_sol
strict-transport-security: max-age=31536000
response: 200
last-modified: Thu, 22 Oct 2020 19:41:44 GMT
server: nginx/1.16.0
etag: "5f90fc65-3520-gzip"
access-control-max-age: 1728000
access-control-allow-methods: POST, GET, OPTIONS
content-type: font/woff2
access-control-allow-origin: https://securityonline.info
x-middleton-response: 200
cache-control: public, max-age=2592000

GET
H2 200 fa-solid-900.woff2
securityonline.info/wp-content/themes/hueman/assets/front/webfonts/ 74 KB
74 KB 801ms
799ms Font
font/woff2 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://securityonline.info/wp-content/themes/hueman/assets/front/webfonts/fa-solid-900.woff2?v=5.12.1

Requested by

Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-196-163.eu-central-1.compute.amazonaws.com

Software

nginx/1.16.0 /

Resource Hash

2c3097237d60f42e800ebe4009c9af144bb19e5581e1c0501c7b259eee7e210c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://securityonline.info
Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:36 GMT
content-encoding: br
vary: Accept-Encoding, Origin,Accept-Encoding
display: staticcontent_sol, staticcontent_sol
status: 200
x-middleton-display: staticcontent_sol, staticcontent_sol
strict-transport-security: max-age=31536000
response: 200
last-modified: Thu, 22 Oct 2020 19:41:44 GMT
server: nginx/1.16.0
etag: "5f90fc65-12958-gzip"
access-control-max-age: 1728000
access-control-allow-methods: POST, GET, OPTIONS
content-type: font/woff2
access-control-allow-origin: https://securityonline.info
x-middleton-response: 200
cache-control: public, max-age=2592000

GET
H2 200 cookieconsent.min.js Show response
securityonline.info/ezoic/ 4 KB
2 KB 25ms
23ms Script
application/javascript 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://securityonline.info/ezoic/cookieconsent.min.js
Requested by: Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 10d4b728888654e0b85c706a9310b551087d3321fb8ebfff147d07b13fa73bf0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:35 GMT
content-encoding: br
last-modified: Thu, 22 Oct 2020 19:41:44 GMT
server: nginx/1.16.0
etag: "11a4-5b247a75f0e00-gzip"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 1707
expires: Fri, 29 Oct 2021 10:45:35 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 132 KB
46 KB 46ms
21ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d31b403d50de1e8963d1cec655091f98986a25cfb62f2a2dee9e884b216cf2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 46100
x-xss-protection: 0
server: cafe
etag: 67665156092700810
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 29 Oct 2020 10:45:36 GMT

GET
H2 200 google_cse_v2.js Show response
cdn-0.securityonline.info/wp-content/plugins/wp-google-search/assets/js/ 333 B
567 B 55ms
15ms Script
application/javascript 2606:4700:3035::681c:b6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-0.securityonline.info/wp-content/plugins/wp-google-search/assets/js/google_cse_v2.js?ver=1
Requested by: Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:b6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 699d4828c42481ca941e4faf8ffa28d0e08f30044d54b41af5a8d9bde16dcddd

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6067456
cf-polished: origSize=468
status: 200
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
cf-request-id: 06158f9860000005dcdca9b000000001
pragma: public
response: 200
last-modified: Sat, 15 Aug 2020 17:47:05 GMT
server: cloudflare
etag: W/"5eb2816f-1d4-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=51pq3W904Y2oHjN7PJkqO6lRALgUECMyohVxImAhkDfSF%2FDiHVKJHxgUFghWp0sgf%2FvWudiXCAjlqdDBltS3PBOCD9p58qHQF%2FqClhnebxTnYIlymlJiStrcHmkMktiLg5gNXPQ3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
expires: Sat, 19 Sep 2020 05:21:19 GMT
cache-control: public, max-age=31536000
cf-ray: 5e9c4ed3caa505dc-FRA
display: staticcontent_sol, staticcontent_sol
cf-bgj: minify

GET
H2 200 jQuerySharrre.min.js Show response
cdn-0.securityonline.info/wp-content/plugins/hueman-addons/addons/assets/front/js/ 11 KB
4 KB 54ms
14ms Script
application/javascript 2606:4700:3035::681c:b6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-0.securityonline.info/wp-content/plugins/hueman-addons/addons/assets/front/js/jQuerySharrre.min.js?ver=5.5.1
Requested by: Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:b6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d1574315d35ea396b52383c5d5c2e94bafe1e22c5af2711a54a067f42a0c7f9

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4938695
status: 200
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
cf-request-id: 06158f9860000005dcde398000000001
pragma: public
response: 200
last-modified: Fri, 28 Aug 2020 09:37:21 GMT
server: cloudflare
etag: W/"5f48d051-2dc7-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rkd4yhrJW9eVa3%2Fo1IDea372Ru8OlybLfgqBSvEEK4dQUhIhiTRzfE3Krv0ZbYu%2FMJ%2FS0mCexG9R8B84IBWnIX%2BK7pggRwYaJOATM%2B8Lb5Rm%2F85WOG0jA4hoi3IaY4nQkC12iUiG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 5e9c4ed3caa805dc-FRA
display: staticcontent_sol, staticcontent_sol
expires: Fri, 02 Oct 2020 06:54:00 GMT

GET
H2 200 underscore.min.js Show response
cdn-0.securityonline.info/wp-includes/js/ 16 KB
6 KB 57ms
17ms Script
application/javascript 2606:4700:3035::681c:b6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-0.securityonline.info/wp-includes/js/underscore.min.js?ver=1.8.3
Requested by: Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:b6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b5fc275c98a58b1073a713920cefa54fab60ad9d85a67cf6907aaf8fbb3c474

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1540048
status: 200
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
cf-request-id: 06158f9860000005dc3a862000000001
pragma: public
response: 200
last-modified: Sun, 11 Oct 2020 07:35:15 GMT
server: cloudflare
etag: W/"5e854a87-3f1a-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hriEc%2FQmCO78X0H4hG8nM9CcQ0i2kyXxLcKO2z5KYZO4EmPIj%2BXD3oQG4WBZ1mGj1x7XTyhOnBpzpdEoZnw7PKpZ%2F75CGkrIRJOkaszNRr0CM4jQVC4ZWF%2BgiZrrcaEvjwu7oABD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-ray: 5e9c4ed3caa905dc-FRA
display: staticcontent_sol, staticcontent_sol
expires: Tue, 10 Nov 2020 14:58:07 GMT

GET
H2 200 scripts.min.js Show response
cdn-0.securityonline.info/wp-content/themes/hueman/assets/front/js/ 75 KB
21 KB 21ms
16ms Script
application/javascript 2606:4700:3035::681c:b6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-0.securityonline.info/wp-content/themes/hueman/assets/front/js/scripts.min.js?ver=3.6.6
Requested by: Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:b6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9bd18d7e7d5810e8a3a01da00e966fc5fa5fb025c9ae2d196f4d00ccda19c5e

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:36 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 611971
status: 200
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
cf-request-id: 06158f98aa000005dc2a00b000000001
pragma: public
response: 200
last-modified: Thu, 22 Oct 2020 03:28:37 GMT
server: cloudflare
etag: W/"5f90fc65-12aa1-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yWvU3aVal2t86Lh9qKFTftigr8pmuHZ%2BowLnbIExYRGVH3i9sT2aDdb7R9ROAeB5hZiNMerEgoWhK0VRWDetHiSYdP%2BpMTjc9zqnNoXISBSDRFsc8zDuHm3f7AX3BtslarH0Lx84"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 5e9c4ed44bda05dc-FRA
display: staticcontent_sol, staticcontent_sol
expires: Sat, 21 Nov 2020 08:46:05 GMT

GET
H2 200 comment-reply.min.js Show response
cdn-0.securityonline.info/wp-includes/js/ 3 KB
2 KB 60ms
21ms Script
application/javascript 2606:4700:3035::681c:b6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-0.securityonline.info/wp-includes/js/comment-reply.min.js?ver=5.5.1
Requested by: Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:b6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d06df4184ba84e09a4be6a6ed101d1c3adefea0eaa833ddecf2f2251f6af33a3

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 610423
status: 200
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
cf-request-id: 06158f9861000005dc1434a000000001
pragma: public
response: 200
last-modified: Thu, 15 Oct 2020 17:24:47 GMT
server: cloudflare
etag: W/"5f4f23bf-b2d-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IGU7mje%2Fi5N9nnUKfX3dmPJnMpUfqPfwPWmkeFSF24E3rPVHuJHg9VAMAVNcuDAfFRYnLwQUijshVlOxHDJQtAT39by2UWdsUpRCp8tvWpvYC22oV4cB9%2FxKKdZHMPqlRP2S0fVO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-ray: 5e9c4ed3caad05dc-FRA
display: staticcontent_sol, staticcontent_sol
expires: Sat, 21 Nov 2020 09:11:52 GMT

GET
H2 200 wp-embed.min.js Show response
cdn-0.securityonline.info/wp-includes/js/ 1 KB
1 KB 55ms
16ms Script
application/javascript 2606:4700:3035::681c:b6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-0.securityonline.info/wp-includes/js/wp-embed.min.js?ver=5.5.1
Requested by: Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:b6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2340447
status: 200
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
cf-request-id: 06158f9861000005dcf23d9000000001
pragma: public
response: 200
last-modified: Fri, 02 Oct 2020 06:16:17 GMT
server: cloudflare
etag: W/"5e854a87-59a-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=E0lM5VkVQcI9ML4KQgh3QOO8jpoJfm6JV1gSUeK9RafBTdgGq%2BcKfgjfE%2F2DnrfT1krTkXmYWAOxcqXGjMBRMy63PpbiTd11pbupppvnWUxFF%2FEw2pHw26CijzCU7PD1qP8Lv3%2Fd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-ray: 5e9c4ed3caab05dc-FRA
display: staticcontent_sol, staticcontent_sol
expires: Sun, 01 Nov 2020 08:38:08 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 8 KB
3 KB 35ms
16ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.5.1
Requested by: Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffb110318b55e8d7acaeaa7816d495e33a5000643327241099565537973ed051

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:36 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 345
etag: W/"af07e3bccd7885748057bb532c526ac5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=259200
cf-ray: 5e9c4ed45da01772-FRA
cf-request-id: 06158f98b9000017722a02e000000001
expires: Sun, 01 Nov 2020 10:45:36 GMT

GET
H/1.1 200
OK pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/156983/3085/ 259 KB
78 KB 87ms
33ms Script
text/javascript 23.210.249.92
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/156983/3085/pwt.js
Requested by: Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.92 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-92.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: b1703ea12b46b8ccc79e8a09265e536c5eabbf3fc0c808a2fecd7005911bf254

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 29 Oct 2020 10:45:36 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Oct 2020 02:40:26 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1121094-40be6-5b2c633cf9c5e"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: public, max-age=143631
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 78738
X-Akamai-Path-Stats: [1:150:850]
Expires: Sat, 31 Oct 2020 02:39:27 GMT

GET
H2 200 houston.js Show response
securityonline.info/detroitchicago/ 3 KB
1 KB 29ms
25ms Script
application/javascript 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://securityonline.info/detroitchicago/houston.js?gcb=2&cb=23
Requested by: Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 12ec2f4bf962063ad97332d5254251712469fca071e85107588ff4554e3b5380

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:36 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
status: 200
x-middleton-display: sol-js
cache-control: max-age=31536000, public
content-length: 1093

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 53 KB
18 KB 113ms
57ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

5b368adc6ad153e147cd4a141f72676559e04bd34572650afa2e8f21558004ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "677 / 471 of 1000 / last-modified: 1603964514"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17882
x-xss-protection: 0
expires: Thu, 29 Oct 2020 10:45:36 GMT

GET
H2 200 tulsa.js Show response
securityonline.info/detroitchicago/ 9 KB
3 KB 37ms
34ms Script
application/javascript 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://securityonline.info/detroitchicago/tulsa.js?gcb=191-2&cb=2
Requested by: Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: a61307b63d4884dbc257c672318c63eba9c3ff9d5d1f7e52978c878c6739d7e9

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:36 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
status: 200
x-middleton-display: sol-js
cache-control: max-age=31536000, public
content-length: 2680

GET
H2 200 banger.js Show response
securityonline.info/porpoiseant/ 50 KB
11 KB 34ms
31ms Script
application/javascript 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://securityonline.info/porpoiseant/banger.js?cb=191-2&bv=90&v=35&PageSpeed=off
Requested by: Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 06a652f90530a0fae775c287d9aecc3f283289cc408e35aa5d9c5ebc32ffe261

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Thu, 29 Oct 2020 10:45:36 GMT
content-encoding: br
server: nginx/1.16.0
cache-control: max-age=31536000, public
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript

GET
H2 200 memphis.js Show response
securityonline.info/detroitchicago/ 5 KB
1 KB 40ms
37ms Script
application/javascript 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://securityonline.info/detroitchicago/memphis.js?gcb=191-2&cb=2
Requested by: Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 3280d840db75382b0a366d79bcd0dbe276a33e62b7be641e27b8b4bf68f66156

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:36 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
status: 200
x-middleton-display: sol-js
cache-control: max-age=31536000, public
content-length: 1463

GET
H2 200 minneapolis.js Show response
securityonline.info/detroitchicago/ 845 B
451 B 28ms
25ms Script
application/javascript 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://securityonline.info/detroitchicago/minneapolis.js?gcb=191-2&cb=1
Requested by: Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: aa475af0fb05e1b76590fbc8eb5b49d3c1e772a8efbde59c9991e07972f1223e

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:36 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
status: 200
x-middleton-display: sol-js
cache-control: max-age=31536000, public
content-length: 419

GET
H2 200 raleigh.js Show response
securityonline.info/detroitchicago/ 2 KB
814 B 27ms
24ms Script
application/javascript 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://securityonline.info/detroitchicago/raleigh.js?gcb=191-2&cb=2
Requested by: Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 12ceaaa105abb177182163d2b3c95418076c4cd7881b107e39e1ae77dde7f7c1

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:36 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
status: 200
x-middleton-display: sol-js
cache-control: max-age=31536000, public
content-length: 782

GET
H2 200 tampa.js Show response
securityonline.info/detroitchicago/ 754 B
437 B 27ms
24ms Script
application/javascript 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://securityonline.info/detroitchicago/tampa.js?gcb=191-2&cb=1
Requested by: Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: a2bd6d03b5ca4077052ad35975e64c93f8d790133a8ba0eea95d20fb5beb0b09

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:36 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
status: 200
x-middleton-display: sol-js
cache-control: max-age=31536000, public
content-length: 405

GET
H2 200 rochester.js Show response
securityonline.info/detroitchicago/ 2 KB
783 B 28ms
25ms Script
application/javascript 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://securityonline.info/detroitchicago/rochester.js?cb=191-2&v=9
Requested by: Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 777cc56d4fcbc36f7a94abab1b63d6c20cf73def1bc63f02aa2313b0aa609ada

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:36 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
status: 200
x-middleton-display: sol-js
cache-control: max-age=31536000, public
content-length: 751

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 972
date: Thu, 29 Oct 2020 10:29:24 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Thu, 29 Oct 2020 12:29:24 GMT

GET
H2 200 ezosuigeneris.js Show response
g.ezoic.net/ 555 B
562 B 82ms
28ms Script
text/javascript 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/ezosuigeneris.js
Requested by: Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 83375107cf245dcc8332f041650ad50f4d8ca75afb1c19fbc7358f58fcd55165

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:36 GMT
content-encoding: br
last-modified: Thu, 22 Oct 2020 19:41:44 GMT
server: nginx/1.16.0
etag: 9265f108406adcbd80773bd2ee8f6b35
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
status: 200
cache-control: max-age=999999, private
content-length: 276
expires: Mon, 29 Apr 2020 21:44:55 GMT

GET
H2 200 dayton.js Show response
securityonline.info/detroitchicago/ 13 KB
5 KB 28ms
26ms Script
application/javascript 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://securityonline.info/detroitchicago/dayton.js?gcb=2&cb=3
Requested by: Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 545881e36f9fe4d4d387c90f876f32df9c0cb800545fe5bb0496a58f6dc53b86

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:36 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
status: 200
x-middleton-display: sol-js
cache-control: max-age=31536000, public

GET
H2 200 l.svg
securityonline.info/utilcave_com/ 965 B
605 B 36ms
36ms Image
image/svg+xml 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/utilcave_com/l.svg
Requested by: Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 9cc19c02d87c3360d404c6dcf6e7982304f5e54abda4209de7a3bc44d3c54883

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:36 GMT
content-encoding: br
last-modified: Thu, 22 Oct 2020 19:41:44 GMT
server: nginx/1.16.0
display: staticcontent_sol, staticcontent_sol
etag: "3c5-5ac9ecc7b5bc0-gzip-gzip"
vary: Accept-Encoding, Accept-Encoding,Origin
content-type: image/svg+xml
status: 200
x-middleton-display: staticcontent_sol, staticcontent_sol
cache-control: max-age=604800
x-sol: middleton
content-length: 422
expires: Thu, 05 Nov 2020 10:45:36 GMT

GET
H2 200 4iCv6KVjbNBYlgoCxCvjsGyNPYZvgw.woff2
fonts.gstatic.com/s/ubuntu/v15/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v15/4iCv6KVjbNBYlgoCxCvjsGyNPYZvgw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:400,400italic,300italic,300,700&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

251e8e864140d9a7ceacce3371ff692595dd0a455ad000de4041d8a313618bd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://securityonline.info
Referer: https://fonts.googleapis.com/css?family=Ubuntu:400,400italic,300italic,300,700&subset=latin,latin-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 04:33:31 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:03:11 GMT
server: sffe
age: 22325
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14096
x-xss-protection: 0
expires: Fri, 29 Oct 2021 04:33:31 GMT

GET
H2 200 4iCv6KVjbNBYlgoC1CzjsGyNPYZvgw.woff2
fonts.gstatic.com/s/ubuntu/v15/ 13 KB
13 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v15/4iCv6KVjbNBYlgoC1CzjsGyNPYZvgw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:400,400italic,300italic,300,700&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12deb5082d9a265422916da8c3f6b1db8636ff8a5a72e0cad6cdf62f1ef5fc93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://securityonline.info
Referer: https://fonts.googleapis.com/css?family=Ubuntu:400,400italic,300italic,300,700&subset=latin,latin-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 11:20:43 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:02:49 GMT
server: sffe
age: 84293
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13588
x-xss-protection: 0
expires: Thu, 28 Oct 2021 11:20:43 GMT

GET
H2 200 4iCp6KVjbNBYlgoKejZftVyPN4FNgYUJ.woff2
fonts.gstatic.com/s/ubuntu/v15/ 14 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v15/4iCp6KVjbNBYlgoKejZftVyPN4FNgYUJ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:400,400italic,300italic,300,700&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac248ab7da608a3a61f44032c9fcf1e3d0f2d74ffd6ca2e12031666038f10685

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://securityonline.info
Referer: https://fonts.googleapis.com/css?family=Ubuntu:400,400italic,300italic,300,700&subset=latin,latin-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 07:25:26 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:04:01 GMT
server: sffe
age: 12010
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14736
x-xss-protection: 0
expires: Fri, 29 Oct 2021 07:25:26 GMT

GET
H2 200 4iCs6KVjbNBYlgoKfw72nU6AFw.woff2
fonts.gstatic.com/s/ubuntu/v15/ 13 KB
14 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v15/4iCs6KVjbNBYlgoKfw72nU6AFw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:400,400italic,300italic,300,700&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

943a150e9577247cc5e8e493065795ca77a35485b4169f33a4d6f570c209b010

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://securityonline.info
Referer: https://fonts.googleapis.com/css?family=Ubuntu:400,400italic,300italic,300,700&subset=latin,latin-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 11:20:33 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:03:01 GMT
server: sffe
age: 84303
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13720
x-xss-protection: 0
expires: Thu, 28 Oct 2021 11:20:33 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8f5102fffc97f20212ac285df3292a8b9c3e486e4620e289c6a59c2db288c8a5

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 imp.gif
securityonline.info/detroitchicago/ 43 B
153 B 24ms
24ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A2%2C%22ad_count_adjustment%22%3A0%2C%22ad_lazyload_version%22%3A2%2C%22ad_location_ids%22%3A%220%2C0%2C0%2C0%2C2%2C21%2C34%2C34%2C34%2C34%2C5%2C37%2C704%22%2C%22ad_transform_level%22%3A0%2C%22adx_ad_count%22%3A13%2C%22bidder_method%22%3A1%2C%22bidder_version%22%3A3%2C%22city%22%3A%22Amsterdam%22%2C%22country%22%3A%22NL%22%2C%22days_since_last_visit%22%3A-1%2C%22display_ad_count%22%3A6%2C%22domain_id%22%3A124533%2C%22domain_test_group%22%3A20200410%2C%22ds_adsize_opt_id%22%3A-1%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A0%2C%22forensiq_score%22%3A-1%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22has_bad_image%22%3A0%2C%22has_bad_words%22%3A0%2C%22iab_category%22%3A%22%22%2C%22iab_category_0%22%3A%22596%22%2C%22iab_category_1%22%3A%22618%22%2C%22is_from_recommended_pages%22%3Afalse%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A1%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22max_ads%22%3A6%2C%22metro_code%22%3A0%2C%22optimization_version%22%3A1%2C%22page_ad_positions%22%3A%221100%2C1102%2C1102%2C1102%2C1102%2C1103%2C1104%2C1105%2C1107%2C1107%2C1107%2C1107%2C1112%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%22bce00f69-b9f6-4831-77a9-bf3ea6afd5d6%22%2C%22position_selection_id%22%3A39%2C%22postal_code%22%3A%221101%22%2C%22pv_event_count%22%3A0%2C%22response_time_orig%22%3A357%2C%22serverid%22%3A%223.120.98.153%3A23788%22%2C%22state%22%3A%22NH%22%2C%22sub_page_ad_positions%22%3A%221100%2C1102%2C1102%2C1102%2C1102%2C1103%2C1104%2C1105%2C1107%2C1107%2C1107%2C1107%2C1112%22%2C%22t_epoch%22%3A1603968335%2C%22template_id%22%3A134%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F%22%2C%22user_id%22%3A0%2C%22word_count%22%3A659%2C%22worst_bad_word_level%22%3A0%7D
Requested by: Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:36 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: imp_sol
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-length: 47

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/webp

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
149 B 88ms
29ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=3.27.0&cb=63212955389
Requested by: Host: securityonline.info
URL: https://securityonline.info/porpoiseant/dall3270.js?cb=191-2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Thu, 29 Oct 2020 10:45:35 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://securityonline.info
timing-allow-origin: *
vary: Origin

POST
H2 200 c Show response
prebid.a-mo.net/a/ 718 B
842 B 300ms
124ms XHR
application/json 136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: securityonline.info
URL: https://securityonline.info/porpoiseant/dall3270.js?cb=191-2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 , United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: 96a5285b1d69be210b33fae59356dc6b3d6231e9305ca63ee707731f12e6aff5

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 29 Oct 2020 10:45:35 GMT
content-encoding: gzip
server: envoy
status: 200
vary: origin, accept-encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://securityonline.info
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 35
content-length: 410

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
450 B 82ms
36ms XHR
application/json 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: securityonline.info
URL: https://securityonline.info/porpoiseant/dall3270.js?cb=191-2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.9.253 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=2592000
content-encoding: gzip
status: 200
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://securityonline.info
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 12 KB
6 KB 348ms
299ms XHR
application/json 184.31.84.150
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=305136&v=7.2&r=%7B%22id%22%3A%22429c389fa7ada8a%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2243e69fd71ea3826%22%2C%22ext%22%3A%7B%22siteID%22%3A%22305136%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2244327b6e91b8368%22%2C%22ext%22%3A%7B%22siteID%22%3A%22305136%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2245c2e0d82c0817b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22305136%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22464065f561fc774%22%2C%22ext%22%3A%7B%22siteID%22%3A%22305136%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22470e2ea5195792%22%2C%22ext%22%3A%7B%22siteID%22%3A%22305138%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2248306046fc56634%22%2C%22ext%22%3A%7B%22siteID%22%3A%22305142%22%2C%22sid%22%3A%22336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2249a8283f2ccd87c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22305146%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2250749237d9b404%22%2C%22ext%22%3A%7B%22siteID%22%3A%22305146%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2251a4960cf058d48%22%2C%22ext%22%3A%7B%22siteID%22%3A%22305146%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2252e36f3a66d6d2c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22305146%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22538397a588dd61b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22305141%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22546903ee13f6834%22%2C%22ext%22%3A%7B%22siteID%22%3A%22305149%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2248306046fc56634%22%2C%22ext%22%3A%7B%22siteID%22%3A%22305142%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2248306046fc56634%22%2C%22ext%22%3A%7B%22siteID%22%3A%22305142%22%2C%22sid%22%3A%22580x400%22%7D%2C%22banner%22%3A%7B%22w%22%3A580%2C%22h%22%3A400%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22538397a588dd61b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22305141%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22ezoic.ai%22%2C%22sid%22%3A%22ef52af3eb8f11ec9f82a203957c8975d%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1
Requested by: Host: securityonline.info
URL: https://securityonline.info/porpoiseant/dall3270.js?cb=191-2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 263774d449799fd63ab83f6ce80322210769a8b204972befbb0e9894b62079da

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Oct 2020 10:45:36 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[NL], RC:[], CN:[EU], CIP:[185.212.171.67], XFF:[]
server: Apache
status: 200
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://securityonline.info
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 5322
x-ak-client-geo: 12
expires: Thu, 29 Oct 2020 10:45:36 GMT

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 377 B
914 B 113ms
46ms XHR
application/json 52.50.254.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=20829&pi=3&gdprApplies=0&schain=1.0%2C1!ezoic.ai%2Cef52af3eb8f11ec9f82a203957c8975d%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%223.27.0%22%7D&ogu=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&ns=10240
Requested by: Host: securityonline.info
URL: https://securityonline.info/porpoiseant/dall3270.js?cb=191-2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.254.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-254-113.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: f02ed14daa76f239d491ef8554144ec5f4a47a8e42d7062d6a52eec3c3372b3e

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Oct 2020 10:45:36 GMT
content-encoding: gzip
content-type: application/json;charset=UTF-8
server: nginx
status: 200
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://securityonline.info
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 377 B
914 B 124ms
57ms XHR
application/json 52.50.254.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=20829&pi=3&gdprApplies=0&schain=1.0%2C1!ezoic.ai%2Cef52af3eb8f11ec9f82a203957c8975d%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%223.27.0%22%7D&ogu=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&ns=10240
Requested by: Host: securityonline.info
URL: https://securityonline.info/porpoiseant/dall3270.js?cb=191-2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.254.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-254-113.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1409304a99328d823b4ab900506aad46e320b2be1e28c83d92b6454b940fd707

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Oct 2020 10:45:36 GMT
content-encoding: gzip
content-type: application/json;charset=UTF-8
server: nginx
status: 200
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://securityonline.info
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 377 B
913 B 108ms
42ms XHR
application/json 52.50.254.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=20829&pi=3&gdprApplies=0&schain=1.0%2C1!ezoic.ai%2Cef52af3eb8f11ec9f82a203957c8975d%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%223.27.0%22%7D&ogu=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&ns=10240
Requested by: Host: securityonline.info
URL: https://securityonline.info/porpoiseant/dall3270.js?cb=191-2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.254.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-254-113.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: d21bb6d62f3cc7e71d1d911aa39bd0a957e5b9b9376f3b2d519db4e4b58add58

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Oct 2020 10:45:36 GMT
content-encoding: gzip
content-type: application/json;charset=UTF-8
server: nginx
status: 200
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://securityonline.info
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 377 B
912 B 125ms
59ms XHR
application/json 52.50.254.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=20829&pi=3&gdprApplies=0&schain=1.0%2C1!ezoic.ai%2Cef52af3eb8f11ec9f82a203957c8975d%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%223.27.0%22%7D&ogu=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&ns=10240
Requested by: Host: securityonline.info
URL: https://securityonline.info/porpoiseant/dall3270.js?cb=191-2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.254.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-254-113.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 985be8b81fd6871df2ff08ee26ffd1fe9b3483903fdcd2576babdb075a0135b8

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Oct 2020 10:45:36 GMT
content-encoding: gzip
content-type: application/json;charset=UTF-8
server: nginx
status: 200
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://securityonline.info
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 377 B
913 B 124ms
58ms XHR
application/json 52.50.254.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=20887&pi=3&gdprApplies=0&schain=1.0%2C1!ezoic.ai%2Cef52af3eb8f11ec9f82a203957c8975d%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%223.27.0%22%7D&ogu=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&ns=10240
Requested by: Host: securityonline.info
URL: https://securityonline.info/porpoiseant/dall3270.js?cb=191-2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.254.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-254-113.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 973d1e928e33a73f67e471f8cbeb606326fb3f87f7d080aac278de4c8837984a

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Oct 2020 10:45:36 GMT
content-encoding: gzip
content-type: application/json;charset=UTF-8
server: nginx
status: 200
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://securityonline.info
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 377 B
914 B 126ms
60ms XHR
application/json 52.50.254.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=20841&pi=3&gdprApplies=0&schain=1.0%2C1!ezoic.ai%2Cef52af3eb8f11ec9f82a203957c8975d%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%223.27.0%22%7D&ogu=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&ns=10240
Requested by: Host: securityonline.info
URL: https://securityonline.info/porpoiseant/dall3270.js?cb=191-2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.254.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-254-113.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 7ad4b0bb66709e2d8b9a3ff6be958167d4d03dfd13f8fbc4be21c4042dc93b3f

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Oct 2020 10:45:36 GMT
content-encoding: gzip
content-type: application/json;charset=UTF-8
server: nginx
status: 200
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://securityonline.info
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 377 B
912 B 109ms
44ms XHR
application/json 52.50.254.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=20849&pi=3&gdprApplies=0&schain=1.0%2C1!ezoic.ai%2Cef52af3eb8f11ec9f82a203957c8975d%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%223.27.0%22%7D&ogu=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&ns=10240
Requested by: Host: securityonline.info
URL: https://securityonline.info/porpoiseant/dall3270.js?cb=191-2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.254.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-254-113.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 105a40a35acb64fc974bb29e519ac4a7caccafc8ded193209f1373e800d4f76a

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Oct 2020 10:45:36 GMT
content-encoding: gzip
content-type: application/json;charset=UTF-8
server: nginx
status: 200
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://securityonline.info
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 377 B
913 B 109ms
44ms XHR
application/json 52.50.254.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=20849&pi=3&gdprApplies=0&schain=1.0%2C1!ezoic.ai%2Cef52af3eb8f11ec9f82a203957c8975d%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%223.27.0%22%7D&ogu=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&ns=10240
Requested by: Host: securityonline.info
URL: https://securityonline.info/porpoiseant/dall3270.js?cb=191-2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.254.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-254-113.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 54cdedb13b502d912c5e62ddff42501ac92c60fbfcdea672abdcfb55a154cd5c

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Oct 2020 10:45:36 GMT
content-encoding: gzip
content-type: application/json;charset=UTF-8
server: nginx
status: 200
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://securityonline.info
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 377 B
914 B 109ms
44ms XHR
application/json 52.50.254.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=20849&pi=3&gdprApplies=0&schain=1.0%2C1!ezoic.ai%2Cef52af3eb8f11ec9f82a203957c8975d%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%223.27.0%22%7D&ogu=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&ns=10240
Requested by: Host: securityonline.info
URL: https://securityonline.info/porpoiseant/dall3270.js?cb=191-2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.254.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-254-113.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: a2f94138367e00a2ea6d37a684720ac748c73c66d063acc666f2a02eeed5895a

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Oct 2020 10:45:36 GMT
content-encoding: gzip
content-type: application/json;charset=UTF-8
server: nginx
status: 200
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://securityonline.info
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 377 B
914 B 124ms
59ms XHR
application/json 52.50.254.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=20849&pi=3&gdprApplies=0&schain=1.0%2C1!ezoic.ai%2Cef52af3eb8f11ec9f82a203957c8975d%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%223.27.0%22%7D&ogu=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&ns=10240
Requested by: Host: securityonline.info
URL: https://securityonline.info/porpoiseant/dall3270.js?cb=191-2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.254.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-254-113.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e68bf8096733d0ede531d9e1f912826a2457e68317aa6a00305d8b96ab90dc07

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Oct 2020 10:45:36 GMT
content-encoding: gzip
content-type: application/json;charset=UTF-8
server: nginx
status: 200
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://securityonline.info
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 377 B
913 B 109ms
45ms XHR
application/json 52.50.254.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=20904&pi=3&gdprApplies=0&schain=1.0%2C1!ezoic.ai%2Cef52af3eb8f11ec9f82a203957c8975d%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%223.27.0%22%7D&ogu=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&ns=10240
Requested by: Host: securityonline.info
URL: https://securityonline.info/porpoiseant/dall3270.js?cb=191-2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.254.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-254-113.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 64e536ecaa5c3db77026b6e40a6d326aadcaea78dc11f338311c68d55bcf7e37

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Oct 2020 10:45:36 GMT
content-encoding: gzip
content-type: application/json;charset=UTF-8
server: nginx
status: 200
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://securityonline.info
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 377 B
914 B 109ms
45ms XHR
application/json 52.50.254.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=20898&pi=3&gdprApplies=0&schain=1.0%2C1!ezoic.ai%2Cef52af3eb8f11ec9f82a203957c8975d%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%223.27.0%22%7D&ogu=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&ns=10240
Requested by: Host: securityonline.info
URL: https://securityonline.info/porpoiseant/dall3270.js?cb=191-2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.254.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-254-113.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 069be607ca61a739a53bef54c646f6ca7b152df543057525a7d90e66d7c00a1d

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Oct 2020 10:45:36 GMT
content-encoding: gzip
content-type: application/json;charset=UTF-8
server: nginx
status: 200
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://securityonline.info
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 377 B
912 B 122ms
58ms XHR
application/json 52.50.254.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=16891&pi=3&gdprApplies=0&schain=1.0%2C1!ezoic.ai%2Cef52af3eb8f11ec9f82a203957c8975d%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%223.27.0%22%7D&ogu=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&ns=10240
Requested by: Host: securityonline.info
URL: https://securityonline.info/porpoiseant/dall3270.js?cb=191-2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.254.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-254-113.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e0078d6108a89e84811e7ca0b69127db01e921dab7d47e054d5ddc5e825ab439

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Oct 2020 10:45:36 GMT
content-encoding: gzip
content-type: application/json;charset=UTF-8
server: nginx
status: 200
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://securityonline.info
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 25 B
761 B 58ms
23ms XHR
application/json 216.52.2.48
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_3.27.0
Requested by: Host: securityonline.info
URL: https://securityonline.info/porpoiseant/dall3270.js?cb=191-2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx /
Resource Hash: eefe130ac232ee9286a726d440f8b89278f4242e90a394a01db2ec4652a29de1

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 29 Oct 2020 10:45:36 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://securityonline.info
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
716 B 54ms
22ms XHR
application/json 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: securityonline.info
URL: https://securityonline.info/porpoiseant/dall3270.js?cb=191-2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 29 Oct 2020 10:45:36 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.39:80
AN-X-Request-Uuid: 68e67c21-3e0d-4dc3-8b5f-a579f80e835f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://securityonline.info
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
118 B 120ms
88ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: securityonline.info
URL: https://securityonline.info/porpoiseant/dall3270.js?cb=191-2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Thu, 29 Oct 2020 10:45:35 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://securityonline.info

GET
H2 200 anaheim.js Show response
securityonline.info/detroitchicago/ 665 B
369 B 23ms
23ms Script
application/javascript 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://securityonline.info/detroitchicago/anaheim.js?gcb=2&cb=1
Requested by: Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: c090c938bbe4c0ed91065ff339cc4799f3758b9c1df20af104ac749ec285f97e

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:36 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
status: 200
x-middleton-display: sol-js
cache-control: max-age=31536000, public
content-length: 337

GET
H2 200 ezosuigenerisc.js Show response
g.ezoic.net/ 0
54 B 30ms
29ms Script
text/html 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/ezosuigenerisc.js?nogen=1
Requested by: Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Thu, 29 Oct 2020 10:45:36 GMT
cache-control: max-age=300, private
server: nginx/1.16.0
content-length: 0
vary: Accept-Encoding, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H3-Q050 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
57 B 42ms
28ms Image
image/gif 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=810932374&utmhn=securityonline.info&utme=8(template*t*rid*bra)9(pub_site*134*0*mod21)11(3!2)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=PrintSpoofer%3A%20Abusing%20Impersonation%20Privileges%20on%20Windows%2010%2FServer%202019&utmhid=968709528&utmr=-&utmp=%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&utmht=1603968336246&utmac=UA-124345349-20&utmcc=__utma%3D264774413.617932340.1603968336.1603968336.1603968336.1%3B%2B__utmz%3D264774413.1603968336.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1119948729&utmredir=1&utmmt=1&utmu=iTAgAAAAACAAAAAAAAAAAABE~

Requested by

Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Oct 2020 10:45:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
399 B 42ms
28ms Image
image/gif 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=2&utmn=519635642&utmhn=securityonline.info&utme=8(template*domain)9(pub_site*securityonline.info)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=PrintSpoofer%3A%20Abusing%20Impersonation%20Privileges%20on%20Windows%2010%2FServer%202019&utmhid=968709528&utmr=-&utmp=%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&utmht=1603968336248&utmac=UA-38339005-1&utmcc=__utma%3D264774413.617932340.1603968336.1603968336.1603968336.1%3B%2B__utmz%3D264774413.1603968336.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1938595073&utmredir=1&utmmt=1&utmu=iTAgAAAAACAAAAAAAAAAAABE~

Requested by

Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Oct 2020 10:45:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 greenoaks.gif
securityonline.info/detroitchicago/ 43 B
141 B 23ms
22ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJiY2UwMGY2OS1iOWY2LTQ4MzEtNzdhOS1iZjNlYTZhZmQ1ZDYiLCJkb21haW5faWQiOiIxMjQ1MzMiLCJ0X2Vwb2NoIjoxNjAzOTY4MzM1LCJkYXRhIjpbeyJuYW1lIjoidW5pdmVyc2FsX3VzZXJfaWQiLCJ2YWwiOiI5MjY1ZjEwODQwNmFkY2JkODA3NzNiZDJlZThmNmIzNSJ9XX1d
Requested by: Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:36 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:36 UTC

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsecurityonline.info%2F&domain=securityonline.info&cw=1
https://mug.criteo.com/sid?cpp=cLZoeXxXZUh2R1MrcUIycDVHOVhqSW02cG0xNmdRRTMwZVJzVTlyRkNyQ3JPbitIcjRQWmpCOUNHbVEwOXljcnRBRmpaRk02ZHRqb2VFWHl2N1BZallKamRmSnU0V29oazM2WTkyVnZ5RHM5RVJrQVBicUg5OHlCTEI1bz...

348 B
641 B

49ms
15ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=cLZoeXxXZUh2R1MrcUIycDVHOVhqSW02cG0xNmdRRTMwZVJzVTlyRkNyQ3JPbitIcjRQWmpCOUNHbVEwOXljcnRBRmpaRk02ZHRqb2VFWHl2N1BZallKamRmSnU0V29oazM2WTkyVnZ5RHM5RVJrQVBicUg5OHlCTEI1bzh5N3JSOEVXQ1pzYUsvOEN6ckVrMzRwNHZ6Yk53aDl6SFkrbER1anhTS0p2NlFvZ2hFdzlyUkdXTnB4OHV6eFFXLzR5WUJIR3R2YkEyeldpOWNWRnFvZVI4Z2JqZ2xvZjc5TkRJR0dmNlpmcUdCLzNraExnPXw&cppv=2

Requested by

Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

7ff52847d45a94479a8a3bbf9cbe222178caaa2b0f5b1a4d1359aba2cadc33e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Thu, 29 Oct 2020 10:45:36 GMT
status: 200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1116
content-length: 348
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
status: 302
date: Thu, 29 Oct 2020 10:45:35 GMT
location: https://mug.criteo.com/sid?cpp=cLZoeXxXZUh2R1MrcUIycDVHOVhqSW02cG0xNmdRRTMwZVJzVTlyRkNyQ3JPbitIcjRQWmpCOUNHbVEwOXljcnRBRmpaRk02ZHRqb2VFWHl2N1BZallKamRmSnU0V29oazM2WTkyVnZ5RHM5RVJrQVBicUg5OHlCTEI1bzh5N3JSOEVXQ1pzYUsvOEN6ckVrMzRwNHZ6Yk53aDl6SFkrbER1anhTS0p2NlFvZ2hFdzlyUkdXTnB4OHV6eFFXLzR5WUJIR3R2YkEyeldpOWNWRnFvZVI4Z2JqZ2xvZjc5TkRJR0dmNlpmcUdCLzNraExnPXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://securityonline.info
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 845
content-length: 482
expires: 0

GET
H2 200 nmash.js
securityonline.info/porpoiseant/ 22 KB
5 KB 25ms
24ms Other
application/javascript 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://securityonline.info/porpoiseant/nmash.js?v=90
Requested by: Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 67d096296b53e2a0180360a9301d36ad6abbc718d98d7a0204719169d63274bd

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:36 GMT
content-encoding: br
last-modified: Thu, 29 Oct 2020 05:59:37 GMT
server: nginx/1.16.0
etag: "5769-5b2c8fc27cf39;5b247a75f0e00-gzip"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000, public
accept-ranges: bytes

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-63315582-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 3371
date: Thu, 29 Oct 2020 09:49:25 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Thu, 29 Oct 2020 11:49:25 GMT

GET
H2

200

cse.js Show response
cse.google.com/cse/
Redirect Chain

https://www.google.com/cse/cse.js?cx=000577952335514451944:olq_fi17mqa
https://cse.google.com/cse/cse.js?cx=000577952335514451944:olq_fi17mqa

10 KB
4 KB

60ms
40ms

Script
text/javascript

2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse/cse.js?cx=000577952335514451944:olq_fi17mqa

Requested by

Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

1139bcdca1e6d3bd83127c2cc7c6fd02f0111d54bfe4ce7a73e3225945c78bef

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:36 GMT
content-encoding: br
server: gws
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3461
x-xss-protection: 0
expires: Thu, 29 Oct 2020 10:45:36 GMT

Redirect headers

date: Thu, 29 Oct 2020 10:45:36 GMT
x-content-type-options: nosniff
server: sffe
status: 302
content-type: text/html; charset=UTF-8
location: https://cse.google.com/cse/cse.js?cx=000577952335514451944:olq_fi17mqa
cache-control: private
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 267
x-xss-protection: 0

GET
H2 200 recommended_pages.js Show response
securityonline.info/utilcave_com/apps/js/ 16 KB
3 KB 35ms
33ms Script
application/javascript 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://securityonline.info/utilcave_com/apps/js/recommended_pages.js?cb=7
Requested by: Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 5b2b8d431ffc12e91090b624fc573a8ef4d18a8c68abc862fe1b1f40b17be72a

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:36 GMT
content-encoding: br
last-modified: Thu, 22 Oct 2020 19:41:44 GMT
server: nginx/1.16.0
display: staticcontent_sol, staticcontent_sol
etag: "41b3-5ac9ecc7b5bc0-gzip-gzip"
vary: Accept-Encoding, Accept-Encoding,Origin
content-type: application/javascript
status: 200
x-middleton-display: staticcontent_sol, staticcontent_sol
cache-control: public, max-age=2592000
x-sol: middleton
content-length: 3324

GET
H2 200 greenoaks.gif
securityonline.info/detroitchicago/ 43 B
77 B 23ms
21ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJiY2UwMGY2OS1iOWY2LTQ4MzEtNzdhOS1iZjNlYTZhZmQ1ZDYiLCJkb21haW5faWQiOiIxMjQ1MzMiLCJ0X2Vwb2NoIjoxNjAzOTY4MzM1LCJkYXRhIjpbeyJuYW1lIjoiZXh0X3VzZXJfaGFzaCIsInZhbCI6Ik5UIn1dfV0=
Requested by: Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:36 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:36 UTC

GET
H2 200 anchorfix.js Show response
securityonline.info/ezoic/ 879 B
451 B 26ms
25ms Script
application/javascript 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://securityonline.info/ezoic/anchorfix.js?cb=191-2
Requested by: Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 15f0626dd31e3e991a1c21d6304f2e370b92b3c91650de3d7ed8a38f1159a457

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:36 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
content-length: 383
expires: Fri, 29 Oct 2021 10:45:36 GMT

GET
H2 200 edmonton.webp Show response
securityonline.info/detroitchicago/ 14 KB
4 KB 25ms
23ms Script
application/javascript 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://securityonline.info/detroitchicago/edmonton.webp?a=a&cb=191-2&shcb=34
Requested by: Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 997e1fbf8331c9f3af1ff0ace8c73754cbfce4c143c785b7bc44dbcead23576e

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Thu, 29 Oct 2020 10:45:36 GMT
content-encoding: br
server: nginx/1.16.0
cache-control: max-age=31536000
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript

GET
H2 200 jellyfish.webp Show response
securityonline.info/porpoiseant/ 58 KB
11 KB 58ms
57ms Script
application/javascript 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://securityonline.info/porpoiseant/jellyfish.webp?a=a&cb=191-2&shcb=34
Requested by: Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 0001e893552b1e9805eaf2cfe9b6867ddb916e2213083d8d1513aa3e2ee2dd78

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Thu, 29 Oct 2020 10:45:36 GMT
content-encoding: br
server: nginx/1.16.0
cache-control: max-age=31536000
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript

GET
H2 200 / Show response
graph.facebook.com/ 252 B
639 B 49ms
33ms Script
text/javascript 2a03:2880:f01c:800e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&callback=jQuery1124028920887821053687_1603968336029&_=1603968336030

Requested by

Host: cdn-0.securityonline.info
URL: https://cdn-0.securityonline.info/wp-content/cache/wpfc-minified/kl22a9fh/3u80x.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:800e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8636d45eec799083aa05b9baa2adff31bcc9c2676fa5c92746935991af9cc480

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
www-authenticate: OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
status: 200
x-fb-rev: 1002903130
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 193
pragma: no-cache
x-fb-debug: d/6peBJCgIr3963QyULdz6MMZDWGFFc1QwyBCgl3i9a3ZpE56SnQeaUIKa1nFxnk/v+a19+D7w3NEp3BYtRoWA==
x-fb-trace-id: GT8A+O58LMJ
date: Thu, 29 Oct 2020 10:45:36 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: AsvlvatyuEFNTr_VLYFg8rw
cache-control: no-store
facebook-api-version: v3.2
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 count.json Show response
api.pinterest.com/v1/urls/ 164 B
391 B 159ms
112ms Script
application/javascript 151.101.112.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&callback=jQuery1124028920887821053687_1603968336031&_=1603968336032

Requested by

Host: cdn-0.securityonline.info
URL: https://cdn-0.securityonline.info/wp-content/cache/wpfc-minified/kl22a9fh/3u80x.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.84 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e9e41bb4e2bab35c20e353a1311f0458c67f0ad8023bb236d409ff015b15e55f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:36 GMT
x-content-type-options: nosniff
x-cdn: fastly
age: 0
status: 200
content-type: application/javascript
access-control-allow-origin: *
cache-control: private
x-envoy-upstream-service-time: 1
x-pinterest-rid: 1571007734335269
content-length: 164
expires: Thu, 29 Oct 2020 11:00:36 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201026/r20190131/ 230 KB
86 KB 57ms
42ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201026/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f1650b4c9b0faf47c6277bfa8ca644a76a4324698552124b26f42fa45bd415c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 88177
x-xss-protection: 0
server: cafe
etag: 6569080428894319167
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Oct 2020 10:45:36 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201026/r20190131/ Frame C152 0
0 6ms
5ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201026/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201026/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 29 Oct 2020 02:14:20 GMT
expires: Thu, 12 Nov 2020 02:14:20 GMT
content-type: text/html; charset=UTF-8
etag: 5228831996244654541
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4745
x-xss-protection: 0
age: 30676
cache-control: public, max-age=1209600
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 95 KB
34 KB 44ms
33ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

74087b46ddac1aabb4f571ca42ff5227782e743bdf93b067fba4e183e697b61b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 33744
x-xss-protection: 0
server: cafe
etag: 15538538428573978814
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 29 Oct 2020 10:45:36 GMT

GET
H3-Q050 200 pubads_impl_2020102701.js Show response
securepubads.g.doubleclick.net/gpt/ 273 KB
96 KB 99ms
69ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

921cb61c895e6dafdb1ecedc2ab4cb8c731fc7ed226b21dfbcfe6f8862aab270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 27 Oct 2020 08:51:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98225
x-xss-protection: 0
expires: Thu, 29 Oct 2020 10:45:36 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
411 B 50ms
14ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=968709528&t=pageview&_s=1&dl=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&ul=en-us&de=UTF-8&dt=PrintSpoofer%3A%20Abusing%20Impersonation%20Privileges%20on%20Windows%2010%2FServer%202019&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=264774413.617932340.1603968336.1603968336.1603968336.1&_utmz=264774413.1603968336.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1603968336461&_u=IQBCAUABAAAAAC~&jid=232391104&gjid=387258417&cid=617932340.1603968336&tid=UA-63315582-2&_gid=109183952.1603968336&_r=1&gtm=2ouae2&z=1371916071

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Oct 2020 10:45:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://securityonline.info
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 greenoaks.gif
securityonline.info/detroitchicago/ 43 B
77 B 22ms
22ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJiY2UwMGY2OS1iOWY2LTQ4MzEtNzdhOS1iZjNlYTZhZmQ1ZDYiLCJkb21haW5faWQiOiIxMjQ1MzMiLCJ0X2Vwb2NoIjoxNjAzOTY4MzM1LCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTYwMCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMjAwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYmNlMDBmNjktYjlmNi00ODMxLTc3YTktYmYzZWE2YWZkNWQ2IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidF9lcG9jaCI6MTYwMzk2ODMzNSwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjAtMTAtMjkifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIxMSJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiI0In0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii02MCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImJjZTAwZjY5LWI5ZjYtNDgzMS03N2E5LWJmM2VhNmFmZDVkNiIsImRvbWFpbl9pZCI6IjEyNDUzMyIsInRfZXBvY2giOjE2MDM5NjgzMzUsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV90YWciLCJ2YWwiOiJlbi1VUyJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImJjZTAwZjY5LWI5ZjYtNDgzMS03N2E5LWJmM2VhNmFmZDVkNiIsImRvbWFpbl9pZCI6IjEyNDUzMyIsInRfZXBvY2giOjE2MDM5NjgzMzUsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV9wcmltYXJ5X3N1YnRhZyIsInZhbCI6ImVuIn1dfV0=
Requested by: Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:36 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:36 UTC

POST
H2 200 app-ajax Show response
securityonline.info/ezoic/ 2 KB
920 B 43ms
43ms XHR
text/html 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://securityonline.info/ezoic/app-ajax
Requested by: Host: securityonline.info
URL: https://securityonline.info/utilcave_com/apps/js/recommended_pages.js?cb=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: a844cafca53cab73e5f3cc9e111b3f84a8c5c0b055e6f9ff9cda6ec7686d70dd

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 29 Oct 2020 10:45:36 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: text/html; charset=utf-8
status: 200
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 550
expires: Wed, 28 Oct 2020 10:45:36 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
92 B 13ms
13ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-63315582-2&cid=617932340.1603968336&jid=232391104&gjid=387258417&_gid=109183952.1603968336&_u=IQBCAUAAAAAAAC~&z=9658677

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 29 Oct 2020 10:45:36 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://securityonline.info
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 cse_element__en.js Show response
www.google.com/cse/static/element/26b8d00a7c7a0812/ 260 KB
86 KB 37ms
23ms Script
text/javascript 2a00:1450:4001:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/26b8d00a7c7a0812/cse_element__en.js?usqp=CAI%3D

Requested by

Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=000577952335514451944:olq_fi17mqa

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77a59cb277854c7e55d027b3cc11095a241d8107ff7be5b345403453a3d16be1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 27 Oct 2020 14:44:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 06 Jul 2020 13:27:13 GMT
server: sffe
age: 158476
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88400
x-xss-protection: 0
expires: Wed, 27 Oct 2021 14:44:20 GMT

GET
H3-Q050 200 default+en.css
www.google.com/cse/static/element/26b8d00a7c7a0812/ 40 KB
9 KB 36ms
22ms Stylesheet
text/css 2a00:1450:4001:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/26b8d00a7c7a0812/default+en.css

Requested by

Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=000577952335514451944:olq_fi17mqa

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b2484fa9a9b136b9eb56c1d2b3bfdacd1c8970acf325585235aa35b16fc010a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 27 Oct 2020 14:44:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 06 Jul 2020 13:27:13 GMT
server: sffe
age: 158478
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8947
x-xss-protection: 0
expires: Wed, 27 Oct 2021 14:44:18 GMT

GET
H3-Q050 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
2 KB 35ms
22ms Stylesheet
text/css 2a00:1450:4001:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=000577952335514451944:olq_fi17mqa

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:03:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
age: 2520
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1345
x-xss-protection: 0
expires: Thu, 29 Oct 2020 10:53:36 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 209 B
411 B 31ms
30ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=securityonline.info&callback=_gfp_s_&client=ca-pub-6396844742497208

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201026/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

f53d639016d2079baa0a1e7e99d5733a0bf7c3a01ae7d099316428b2e6419bb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 196
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
832 B 35ms
15ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=securityonline.info

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201026/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Oct 2020 10:45:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
810 B 42ms
29ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=securityonline.info

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201026/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Oct 2020 10:45:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame D975 0
0 79ms
79ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6396844742497208&output=html&adk=1812271804&adf=3025194257&lmt=1603968336&plaf=1%3A2%2C2%3A2%2C3%3A2%2C4%3A2%2C5%3A2&plat=1%3A32904%2C2%3A16810120%2C8%3A128%2C9%3A32904%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C27%3A128%2C30%3A1081472%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1603968336408&bpp=5&bdt=496&idt=121&shv=r20201026&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8318106190623&frm=20&pv=2&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_fc=1&ga_wpids=UA-124345349-20&iag=0&icsg=4236130531278850&dssz=106&mdo=0&mso=2048&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44726948%2C21067105%2C21067166%2C21067466%2C44730556&oid=3&pvsid=2079961931876282&pem=176&rx=0&eae=2&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=140

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201026/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6396844742497208&output=html&adk=1812271804&adf=3025194257&lmt=1603968336&plaf=1%3A2%2C2%3A2%2C3%3A2%2C4%3A2%2C5%3A2&plat=1%3A32904%2C2%3A16810120%2C8%3A128%2C9%3A32904%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C27%3A128%2C30%3A1081472%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1603968336408&bpp=5&bdt=496&idt=121&shv=r20201026&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8318106190623&frm=20&pv=2&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_fc=1&ga_wpids=UA-124345349-20&iag=0&icsg=4236130531278850&dssz=106&mdo=0&mso=2048&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44726948%2C21067105%2C21067166%2C21067466%2C44730556&oid=3&pvsid=2079961931876282&pem=176&rx=0&eae=2&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=140
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 29 Oct 2020 10:45:36 GMT
server: cafe
content-length: 34
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 29-Oct-2020 11:00:36 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Thu, 29 Oct 2020 10:45:36 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 59ms
58ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201026/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

34d9891a81b9b276febf3b6f763ededd97fc364bd399e9446f71159be6cb1d0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603885550448160"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27554
x-xss-protection: 0
expires: Thu, 29 Oct 2020 10:45:36 GMT

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
273 B 25ms
20ms Image
image/gif 2a00:1450:4001:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-63315582-2&cid=617932340.1603968336&jid=232391104&_u=IQBCAUAAAAAAAC~&z=26693932

Requested by

Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Oct 2020 10:45:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
494 B 44ms
18ms Image
image/gif 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-63315582-2&cid=617932340.1603968336&jid=232391104&_u=IQBCAUAAAAAAAC~&z=26693932

Requested by

Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Oct 2020 10:45:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 async-ads.js Show response
cse.google.com/adsense/search/ 185 KB
64 KB 43ms
30ms Script
text/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/26b8d00a7c7a0812/cse_element__en.js?usqp=CAI%3D

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a751ce29cf3d4ce79f15220baa80bbdc8bbb97668ad75b8efff7b1be8c329491

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "16049489785866125821"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=3600
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Thu, 29 Oct 2020 10:45:36 GMT

GET
H3-Q050 200 clear.png
www.google.com/cse/static/css/v2/ 1018 B
1 KB 6ms
6ms Image
image/png 2a00:1450:4001:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/css/v2/clear.png

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/26b8d00a7c7a0812/default+en.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/cse/static/element/26b8d00a7c7a0812/default+en.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 09:03:11 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
age: 92545
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1018
x-xss-protection: 0
expires: Thu, 28 Oct 2021 09:03:11 GMT

GET
H3-Q050 200 branding.png
www.google.com/cse/static/images/1x/en/ 1 KB
1 KB 6ms
6ms Image
image/png 2a00:1450:4001:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/en/branding.png

Requested by

Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 25 Oct 2020 11:38:05 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
age: 342451
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1372
x-xss-protection: 0
expires: Mon, 25 Oct 2021 11:38:05 GMT

GET
H2 204 generate_204
clients1.google.com/ 0
203 B 27ms
5ms Image
text/plain 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients1.google.com/generate_204
Requested by: Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Thu, 29 Oct 2020 10:45:36 GMT
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
87 B 14ms
14ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_ced&pvsid=2079961931876282&sc=f&level=slot&vrg=2020102701&nw_id=1254144&nslots=10&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&pub_url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F

Requested by

Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Oct 2020 10:45:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 425 B
386 B 3858ms
3857ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=781667131890477&output=ldjh&impl=fif&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-box-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C320x50%7C468x60%7C970x90%7C234x60&fluid=height&prev_scp=iid5%3D463318%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1104%26sap%3D1104%26a%3D%257C1%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D4%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D2%26al%3D1002%26compid%3D0%26tap%3Dsecurityonline_info-box-3-463318%26eb_br%3D8b07bae800b215e481d05a271b3e723b%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D0%26bvm%3D2%26bvr%3D7%26shp%3D1%26ft%3D1%26br1%3D700%26br2%3D350%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%26ax_ssid%3D10082&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a-22c5b9715ba60092%3AT%3D1603968336%3ART%3D1603968336%3AS%3DALNI_MaIwMT48x2zT8TQg5Pllq6PjckN8Q&bc=31&abxe=1&lmt=1603968336&dt=1603968336660&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=141&adys=513&adks=96935267&ucis=1&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,1a0dab|color_text,,545454|color_url,,006621&ifi=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=108&icsg=4236130531278850&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=880x99&msz=882x92&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_fc=true&ga_wpids=UA-124345349-20&fws=4&ohw=882&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

9887622292b5ba80917215d814d80663347b9554de9f1fa71f3e512a5ac72a16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 216
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
f0879daebb30551979ff6acc5c1ecf72.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 45ms
14ms Other
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://f0879daebb30551979ff6acc5c1ecf72.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 435 B
397 B 1175ms
1174ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=781667131890477&output=ldjh&impl=fif&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-medrectangle-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C580x400%7C120x240%7C970x90%7C970x250%7C180x150%7C728x90%7C300x250%7C320x50%7C200x200%7C125x125%7C234x60%7C250x250%7C468x60%7C320x100&fluid=height&prev_scp=iid5%3D465416%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1112%26sap%3D1112%26a%3D%257C252%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D5%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D21%26al%3D1021%26compid%3D0%26tap%3Dsecurityonline_info-medrectangle-3-465416%26eb_br%3Dc5429b6ddd929d0bc40a832a87789a7c%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D23%26bvm%3D0%26bvr%3D3%26shp%3D1%26ft%3D1%26br1%3D1000%26br2%3D500%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%26ax_ssid%3D10082&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a-22c5b9715ba60092%3AT%3D1603968336%3ART%3D1603968336%3AS%3DALNI_MaIwMT48x2zT8TQg5Pllq6PjckN8Q&bc=31&abxe=1&lmt=1603968336&dt=1603968336670&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=140&adys=787&adks=2855817402&ucis=2&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,FF6600|color_text,,000000|color_url,,FF6600&ifi=3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=108&icsg=4236130531278850&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=880x407&msz=880x400&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_fc=true&ga_wpids=UA-124345349-20&fws=0&ohw=0&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

029c9f5d57faf21ad0092fc5d57ce838e42865ae2275af9d0282ca8873cedeff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:37 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 227
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 100 KB
17 KB 2401ms
2401ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=781667131890477&output=ldjh&impl=fif&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-leader-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C320x50%7C468x60%7C970x90%7C234x60&fluid=height&prev_scp=iid5%3D468268%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1103%26sap%3D1103%26a%3D%257C2%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D11%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D37%26al%3D1037%26compid%3D0%26tap%3Dsecurityonline_info-leader-1-468268%26eb_br%3D39abb99448d54704c4afa42efe76e15d%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D4%26bvm%3D0%26bvr%3D4%26shp%3D1%26ft%3D1%26br1%3D1100%26br2%3D550%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%26ax_ssid%3D10082&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a-22c5b9715ba60092%3AT%3D1603968336%3ART%3D1603968336%3AS%3DALNI_MaIwMT48x2zT8TQg5Pllq6PjckN8Q&bc=31&abxe=1&lmt=1603968336&dt=1603968336675&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=140&adys=2146&adks=3716097895&ucis=3&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,37a5d7|color_text,,000000|color_url,,F0F0F0&ifi=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=108&icsg=4236130531278850&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=880x97&msz=880x90&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_fc=true&ga_wpids=UA-124345349-20&fws=0&ohw=0&btvi=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

6d35de3a532f5f67bc024d91743ca3841e9aa4bb341e5ae96d3bffd541b04f2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17400
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 6 KB
5 KB 2612ms
2611ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=781667131890477&output=ldjh&impl=fif&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-large-mobile-banner-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C320x50%7C468x60%7C970x90%7C234x60&fluid=height&prev_scp=iid5%3D460618%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1105%26sap%3D1105%26a%3D%257C6%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D12%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D704%26al%3D1704%26compid%3D0%26tap%3Dsecurityonline_info-large-mobile-banner-1-460618%26eb_br%3D39abb99448d54704c4afa42efe76e15d%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D28%26bvm%3D2%26bvr%3D5%26shp%3D1%26ft%3D1%26br1%3D1100%26br2%3D550%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%26ax_ssid%3D10082&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a-22c5b9715ba60092%3AT%3D1603968336%3ART%3D1603968336%3AS%3DALNI_MaIwMT48x2zT8TQg5Pllq6PjckN8Q&bc=31&abxe=1&lmt=1603968336&dt=1603968336681&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=141&adys=4322&adks=3089213337&ucis=4&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,858585|color_text,,000000|color_url,,F0F0F0&ifi=5&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=108&icsg=4236130531278850&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=980x98&msz=982x92&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_fc=true&ga_wpids=UA-124345349-20&fws=4&ohw=982&btvi=2&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

f00c4df38225f64d14a94c837260645f8252f602f4ccca09e072618120ae3675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4259
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 426 B
386 B 2073ms
2072ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=781667131890477&output=ldjh&impl=fif&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&prev_scp=iid5%3D440969%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1107%26sap%3D1107%26a%3D%257C5%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dsecurityonline_info-box-1-440969%26eb_br%3Deeb0e32289ff31f9ddef18331038e5e9%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D19%26bvm%3D0%26bvr%3D9%26shp%3D3%26acptad%3D1%26ft%3D1%26br1%3D900%26br2%3D450%26ezoic%3D1%26nmau%3D4%26mau%3D0%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%26ax_ssid%3D10082&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a-22c5b9715ba60092%3AT%3D1603968336%3ART%3D1603968336%3AS%3DALNI_MaIwMT48x2zT8TQg5Pllq6PjckN8Q&bc=31&abxe=1&lmt=1603968336&dt=1603968336686&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=1181&adys=561&adks=4286431424&ucis=5&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,20929A|color_text,,000000|color_url,,F0F0F0&ifi=6&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=108&icsg=4236130531278850&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x271&msz=302x264&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_fc=true&ga_wpids=UA-124345349-20&fws=4&ohw=302&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

9c6fb3a96b5d636cb3fc7244d1ca4f9007cd423caa8556c20bb593fae1b81efe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:38 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 220
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 426 B
826 B 305ms
305ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=781667131890477&output=ldjh&impl=fif&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&prev_scp=iid5%3D440969%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1107%26sap%3D1107%26a%3D%257C1%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dsecurityonline_info-box-1-440969%26eb_br%3Deeb0e32289ff31f9ddef18331038e5e9%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D19%26bvm%3D0%26bvr%3D9%26shp%3D3%26acptad%3D1%26ft%3D1%26br1%3D900%26br2%3D450%26ezoic%3D1%26nmau%3D4%26mau%3D1%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%26ax_ssid%3D10082&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a-22c5b9715ba60092%3AT%3D1603968336%3ART%3D1603968336%3AS%3DALNI_MaIwMT48x2zT8TQg5Pllq6PjckN8Q&bc=31&abxe=1&lmt=1603968336&dt=1603968336691&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=1181&adys=834&adks=520180478&ucis=6&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,1a0dab|color_text,,545454|color_url,,006621&ifi=7&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=108&icsg=4236130531278850&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x271&msz=302x264&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_fc=true&ga_wpids=UA-124345349-20&fws=4&ohw=302&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

96a59efaf3b5b47d6ab1eb975b429b47a1774e47256da3117d2fd384e19a3f37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:37 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 220
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 432 B
416 B 1502ms
1501ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=781667131890477&output=ldjh&impl=fif&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&prev_scp=iid5%3D440969%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1107%26sap%3D1107%26a%3D%257C252%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dsecurityonline_info-box-1-440969%26eb_br%3Deeb0e32289ff31f9ddef18331038e5e9%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D19%26bvm%3D0%26bvr%3D9%26shp%3D3%26acptad%3D1%26ft%3D1%26br1%3D900%26br2%3D450%26ezoic%3D1%26nmau%3D4%26mau%3D2%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%26ax_ssid%3D10082&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a-22c5b9715ba60092%3AT%3D1603968336%3ART%3D1603968336%3AS%3DALNI_MaIwMT48x2zT8TQg5Pllq6PjckN8Q&bc=31&abxe=1&lmt=1603968336&dt=1603968336695&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=1181&adys=1107&adks=3926214249&ucis=7&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,FF6600|color_text,,000000|color_url,,FF6600&ifi=8&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=108&icsg=4236130531278850&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x271&msz=302x264&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_fc=true&ga_wpids=UA-124345349-20&fws=4&ohw=302&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

2a240cc86c9f7193d71b2c680ce9400ea48ea0fd0d3cddc972ccbea93b08efe7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:38 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 426 B
389 B 537ms
536ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=781667131890477&output=ldjh&impl=fif&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&prev_scp=iid5%3D440969%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1107%26sap%3D1107%26a%3D%257C124%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dsecurityonline_info-box-1-440969%26eb_br%3Deeb0e32289ff31f9ddef18331038e5e9%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D19%26bvm%3D0%26bvr%3D9%26shp%3D3%26acptad%3D1%26ft%3D1%26br1%3D900%26br2%3D450%26ezoic%3D1%26nmau%3D4%26mau%3D3%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%26ax_ssid%3D10082&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a-22c5b9715ba60092%3AT%3D1603968336%3ART%3D1603968336%3AS%3DALNI_MaIwMT48x2zT8TQg5Pllq6PjckN8Q&bc=31&abxe=1&lmt=1603968336&dt=1603968336700&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=1181&adys=1380&adks=2680230968&ucis=8&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,FF0000|color_text,,000000|color_url,,FF0000&ifi=9&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=108&icsg=4236130531278850&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x271&msz=302x264&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_fc=true&ga_wpids=UA-124345349-20&fws=4&ohw=302&btvi=3&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

ba4fbec215618682f10efb0721a942b7c599f98807718cab35de9d507f4a2ea0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:37 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 219
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 444 B
403 B 865ms
864ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=781667131890477&output=ldjh&impl=fif&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-large-billboard-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&prev_scp=iid5%3D472019%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1102%26sap%3D1102%26a%3D%257C2%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D6%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1034%26compid%3D0%26tap%3Dsecurityonline_info-large-billboard-2-472019%26eb_br%3Deeb0e32289ff31f9ddef18331038e5e9%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D16%26bvm%3D0%26bvr%3D6%26shp%3D3%26ft%3D1%26br1%3D900%26br2%3D450%26ezoic%3D1%26nmau%3D4%26mau%3D0%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%26ax_ssid%3D10082&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a-22c5b9715ba60092%3AT%3D1603968336%3ART%3D1603968336%3AS%3DALNI_MaIwMT48x2zT8TQg5Pllq6PjckN8Q&bc=31&abxe=1&lmt=1603968336&dt=1603968336705&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=1181&adys=2141&adks=4076339080&ucis=9&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,37a5d7|color_text,,000000|color_url,,F0F0F0&ifi=10&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=108&icsg=4236130531278850&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x271&msz=302x264&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_fc=true&ga_wpids=UA-124345349-20&fws=4&ohw=302&btvi=4&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

cc42363fe016bff33e0e64f2033662678385b3a05267fde637d30a2b837c6b97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:37 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 233
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 438 B
393 B 1736ms
1736ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=781667131890477&output=ldjh&impl=fif&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-large-billboard-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&prev_scp=iid5%3D472019%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1102%26sap%3D1102%26a%3D%257C3%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D7%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1034%26compid%3D0%26tap%3Dsecurityonline_info-large-billboard-2-472019%26eb_br%3Deeb0e32289ff31f9ddef18331038e5e9%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D16%26bvm%3D0%26bvr%3D6%26shp%3D3%26ft%3D1%26br1%3D900%26br2%3D450%26ezoic%3D1%26nmau%3D4%26mau%3D1%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%26ax_ssid%3D10082&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a-22c5b9715ba60092%3AT%3D1603968336%3ART%3D1603968336%3AS%3DALNI_MaIwMT48x2zT8TQg5Pllq6PjckN8Q&bc=31&abxe=1&lmt=1603968336&dt=1603968336711&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=1181&adys=2414&adks=2226679626&ucis=a&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,0000FF|color_text,,000000|color_url,,828282&ifi=11&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=108&icsg=4236130531278850&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x271&msz=302x264&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_fc=true&ga_wpids=UA-124345349-20&fws=4&ohw=302&btvi=5&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

095596fb59298a4757db731aac7afa42c6efe73d1af3ce3d33f69ecc2ac0348f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:38 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 227
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 438 B
393 B 3263ms
3262ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=781667131890477&output=ldjh&impl=fif&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-large-billboard-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&prev_scp=iid5%3D472019%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1102%26sap%3D1102%26a%3D%257C5%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D8%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1034%26compid%3D0%26tap%3Dsecurityonline_info-large-billboard-2-472019%26eb_br%3Deeb0e32289ff31f9ddef18331038e5e9%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D16%26bvm%3D0%26bvr%3D6%26shp%3D3%26ft%3D1%26br1%3D900%26br2%3D450%26ezoic%3D1%26nmau%3D4%26mau%3D2%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%26ax_ssid%3D10082&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a-22c5b9715ba60092%3AT%3D1603968336%3ART%3D1603968336%3AS%3DALNI_MaIwMT48x2zT8TQg5Pllq6PjckN8Q&bc=31&abxe=1&lmt=1603968336&dt=1603968336715&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=1181&adys=2687&adks=185582216&ucis=b&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,20929A|color_text,,000000|color_url,,F0F0F0&ifi=12&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=108&icsg=4236130531278850&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x271&msz=302x264&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_fc=true&ga_wpids=UA-124345349-20&fws=4&ohw=302&btvi=6&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

23ecdca12ff616e53b616c63613ed3fa96bdbd9b81509073ef145a8f030471f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 227
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 438 B
780 B 2910ms
2910ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=781667131890477&output=ldjh&impl=fif&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-large-billboard-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&prev_scp=iid5%3D472019%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1102%26sap%3D1102%26a%3D%257C6%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D9%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1034%26compid%3D0%26tap%3Dsecurityonline_info-large-billboard-2-472019%26eb_br%3Deeb0e32289ff31f9ddef18331038e5e9%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D16%26bvm%3D0%26bvr%3D6%26shp%3D3%26ft%3D1%26br1%3D900%26br2%3D450%26ezoic%3D1%26nmau%3D4%26mau%3D3%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%26ax_ssid%3D10082&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a-22c5b9715ba60092%3AT%3D1603968336%3ART%3D1603968336%3AS%3DALNI_MaIwMT48x2zT8TQg5Pllq6PjckN8Q&bc=31&abxe=1&lmt=1603968336&dt=1603968336719&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=1181&adys=2960&adks=527514099&ucis=c&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,858585|color_text,,000000|color_url,,F0F0F0&ifi=13&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=108&icsg=4236130531278850&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x271&msz=302x264&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_fc=true&ga_wpids=UA-124345349-20&fws=4&ohw=302&btvi=7&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

68a3d4ad1477f2740dbdbdcb64a37d8a75e1bea6c84ba41c0652ba6a1d3f0bc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 227
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 440 B
409 B 3587ms
3587ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=781667131890477&output=ldjh&impl=fif&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&prev_scp=iid5%3D474568%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26a%3D%257C3%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D10%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dsecurityonline_info-medrectangle-2-474568%26eb_br%3D39abb99448d54704c4afa42efe76e15d%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D3%26bvm%3D0%26bvr%3D8%26shp%3D1%26ft%3D1%26br1%3D1100%26br2%3D550%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%26ax_ssid%3D10082&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a-22c5b9715ba60092%3AT%3D1603968336%3ART%3D1603968336%3AS%3DALNI_MaIwMT48x2zT8TQg5Pllq6PjckN8Q&bc=31&abxe=1&lmt=1603968336&dt=1603968336724&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=1102&adks=3873167905&ucis=d&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,0000FF|color_text,,000000|color_url,,828282&ifi=14&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=108&icsg=4236130531278850&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x-1&msz=970x-1&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_fc=true&ga_wpids=UA-124345349-20&fws=512&ohw=0&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

af2112ef087a89cd5e848dd2edc606f591ed2cdb9501bf1525502eeaa56a9846

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 238
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dark-bottom.css
securityonline.info/ezoic/styles/ 3 KB
833 B 24ms
23ms Stylesheet
text/css 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://securityonline.info/ezoic/styles/dark-bottom.css
Requested by: Host: securityonline.info
URL: https://securityonline.info/ezoic/cookieconsent.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 94edf973e9deb80b5eccf17f8f3108eafe15209fe25fe417e8f8962a4d8f48b3

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:36 GMT
content-encoding: br
last-modified: Thu, 22 Oct 2020 19:41:44 GMT
server: nginx/1.16.0
etag: "bd7-5b247a75f0e00-gzip"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 725

GET
H2 200 greenoaks.gif
securityonline.info/detroitchicago/ 43 B
77 B 23ms
22ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJiY2UwMGY2OS1iOWY2LTQ4MzEtNzdhOS1iZjNlYTZhZmQ1ZDYiLCJkb21haW5faWQiOiIxMjQ1MzMiLCJ0X2Vwb2NoIjoxNjAzOTY4MzM1LCJkYXRhIjpbeyJuYW1lIjoibmF2aWdhdGlvbl90eXBlIiwidmFsIjoiMCJ9LHsibmFtZSI6InJlZGlyZWN0X2NvdW50IiwidmFsIjoiMSJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImJjZTAwZjY5LWI5ZjYtNDgzMS03N2E5LWJmM2VhNmFmZDVkNiIsImRvbWFpbl9pZCI6IjEyNDUzMyIsInRfZXBvY2giOjE2MDM5NjgzMzUsImRhdGEiOlt7Im5hbWUiOiJwZXJmX2lzX3RyYWNrZWQiLCJ2YWwiOiIxIn0seyJuYW1lIjoicGVyZl9uYXZfdG9fY29ubmVjdCIsInZhbCI6IjUyNSJ9LHsibmFtZSI6InBlcmZfY29ubmVjdF90b19yZXNwX3N0YXJ0IiwidmFsIjoiMTM2MyJ9LHsibmFtZSI6InBlcmZfcmVzcF90aW1lIiwidmFsIjoiMTUifSx7Im5hbWUiOiJwZXJmX2ludGVyYWN0aXZlIiwidmFsIjoiNDAzIn0seyJuYW1lIjoicGVyZl9jb250ZW50bG9hZGVkIiwidmFsIjoiNDg5In0seyJuYW1lIjoicGVyZl9jb21wbGV0ZSIsInZhbCI6Ijg2OSJ9XX1d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:36 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:36 UTC

GET
H2 200 greenoaks.gif
securityonline.info/detroitchicago/ 43 B
77 B 23ms
22ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJiY2UwMGY2OS1iOWY2LTQ4MzEtNzdhOS1iZjNlYTZhZmQ1ZDYiLCJkb21haW5faWQiOiIxMjQ1MzMiLCJ0X2Vwb2NoIjoxNjAzOTY4MzM1LCJkYXRhIjpbeyJuYW1lIjoiZmlyc3RfcGFpbnQiLCJ2YWwiOiIxNTkwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYmNlMDBmNjktYjlmNi00ODMxLTc3YTktYmYzZWE2YWZkNWQ2IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidF9lcG9jaCI6MTYwMzk2ODMzNSwiZGF0YSI6W3sibmFtZSI6ImZpcnN0X2NvbnRlbnRmdWxfcGFpbnQiLCJ2YWwiOiIxNTkwIn1dfV0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:36 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:36 UTC

GET
H2 200 greenoaks.gif
securityonline.info/detroitchicago/ 43 B
77 B 23ms
22ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJiY2UwMGY2OS1iOWY2LTQ4MzEtNzdhOS1iZjNlYTZhZmQ1ZDYiLCJkb21haW5faWQiOiIxMjQ1MzMiLCJ0X2Vwb2NoIjoxNjAzOTY4MzM1LCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9lZmZlY3RpdmVfdHlwZSIsInZhbCI6IjRnIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYmNlMDBmNjktYjlmNi00ODMxLTc3YTktYmYzZWE2YWZkNWQ2IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidF9lcG9jaCI6MTYwMzk2ODMzNSwiZGF0YSI6W3sibmFtZSI6ImNvbm5lY3Rpb25fZG93bmxpbmsiLCJ2YWwiOiIxMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImJjZTAwZjY5LWI5ZjYtNDgzMS03N2E5LWJmM2VhNmFmZDVkNiIsImRvbWFpbl9pZCI6IjEyNDUzMyIsInRfZXBvY2giOjE2MDM5NjgzMzUsImRhdGEiOlt7Im5hbWUiOiJjb25uZWN0aW9uX3J0dCIsInZhbCI6IjAifV19XQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:36 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:36 UTC

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 45ms
32ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201026&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201026/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2fd6091a94cdd85e91099c85b9effa2dc564e238610f8cad118d12ee9716c80c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Oct 2020 10:45:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 65ms
45ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201026/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a32b89473df6ced5953684278e431ae4a01141364fab23812960a0d69c5ab3ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601937181905197"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6302
x-xss-protection: 0
expires: Thu, 29 Oct 2020 10:45:36 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/218/ Frame C8A9 0
0 34ms
20ms Document
text/html 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/218/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/218/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4867
date: Thu, 29 Oct 2020 09:51:43 GMT
expires: Fri, 29 Oct 2021 09:51:43 GMT
last-modified: Fri, 25 Sep 2020 19:26:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3233
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 greenoaks.gif
securityonline.info/detroitchicago/ 43 B
100 B 22ms
22ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJiY2UwMGY2OS1iOWY2LTQ4MzEtNzdhOS1iZjNlYTZhZmQ1ZDYiLCJkb21haW5faWQiOiIxMjQ1MzMiLCJ0X2Vwb2NoIjoxNjAzOTY4MzM1LCJkYXRhIjpbeyJuYW1lIjoidGltZXJfZmlyc3RfYWRfcmVxdWVzdCIsInZhbCI6IjExMjMifV19XQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:37 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:36 UTC

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
45 B 15ms
15ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=218&t=2&li=gda_r20201026&jk=2079961931876282&bg=!dnWldVXNAAVp0lmVaVj-1HzuBq4Z2wIAAABLUgAAAAwKAatf8_b2np1hEV0nUFvwk_GrjaHy5vqL31BWKUtbliqfASiicr6EmkTG4wZTTsk7WlXLhEnZu7vqI60SaW4qO9w0QPx0GqjihA5zhWNUbmyV6d5J4UU90tctfC2PJJLFVuAtVicjQg9y6ViJCCozAy5th06_yTeYYtulk5k6QL6mSEfJ8U7eCa9R3izTfHl8MfimKTeyQsFR0Lgfcp8Uy6DO6ptU1g0Ta2R_8LKgQm8Cc6QqR8aZnaj5uzN8cKMRcHgLyl7BUPWAKWndiGDnR6uL8Pu_xqJJAA_KBBOdERCVWvmlHIhgAK8s-ETrZb74LE1tV4X3iGNKDsH0H-Ceg7VWtFZhDJXA7OrHs-QumNE5XhqsiQkSvfHGAF5FKLo4xP5C4hFYzkipXRPNon2kUYfbeMNzUyNHQ-8w0AwfMVePEw-RLGXZ0iOGth_Tq2hn1DY_FdKhoTMk_oKaW7Rs56A8wZ_NsaYCrvVHKtNrms4Sw-82giLrCsOtZHSy9smx01Q1ElgF701nbFVu8tQCQ-BxccbXQmbafEb8kOZ-D7MMjqFREjQQLr4C3lIimQGs_A7ZEYv3x7FQmIdIqisk7znGPzAnosZfFnGwODaGLpeAy2I41JC5nOVOYdbayaGtLSWNe4lw3kQUECBwahcOwhRxZ8RHRzf4mYay3zm6fGeg0-bgPAmDumagQPBUUgwzSkejwMruY-Lx382aNTIghvB-D4NSvRqB1Q6WisxDLtKvj-CIqlkuNmBrdED6te9MAkS44Lj4053PMzhXdVEkbaLUww2Mq8kD9XM7C_xhCKAIUluCj5p_4m_sbBYoAnAsAearX39vR8UZO_RVGTUAfUIOVBQnkQ8r0rPWTPTuU4b9tZNKm37Ea4xZVf5bOeZoAGv_PtV_30JSbXVFS0NT49azK2-JH5BKZcqiPcY7t5TkiDEOrCnjQiiCO4bVg7Cu_YfEen3jgrwFAkQJZ6q-1D6jVNr57nBrw-ZKdoVlSkjFhCF1axUA3s1dgJxIA6HlNv5GHsWV33d9u8I6bdMZMLbEMhu0p8If82nUW0w76nBb6E4RTkuY5sdnXxECqsm-eluqJDnTAW8fI92qLl_C8G4yKWk03a5F9t7AC-G1pYVhE_Mpb-hY5h9dTzc

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Oct 2020 10:45:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ 44 B
330 B 76ms
30ms XHR
text/plain 34.120.207.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity/envelope?pid=1258

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156983/3085/pwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.207.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

148.207.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 29 Oct 2020 10:45:38 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
status: 451
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://securityonline.info
access-control-allow-credentials: true
alt-svc: clear
content-length: 44

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
545 B 92ms
30ms XHR
application/json 63.33.218.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156983/3085/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.218.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-218-134.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 4a3fe3759adfc6ff1b0ab9c7c6c965eb6dc2dcd53e45d6d9760cd0b3400587d5

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 29 Oct 2020 10:45:38 GMT
x-aspnet-version: 4.0.30319
status: 200
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://securityonline.info
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Sat, 28 Nov 2020 10:45:38 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012010200130000/ Frame FBF6 204 KB
56 KB 42ms
18ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2206501c5a898123871431da1a1ff12bcaf46194db997e6c9237296d9859daa

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3392
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56832
x-xss-protection: 0
server: sffe
date: Thu, 29 Oct 2020 09:49:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fc56d6feccb35077"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Oct 2021 09:49:07 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012010200130000/v0/ Frame FBF6 14 KB
5 KB 40ms
17ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010200130000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4653687f2f0571ecaf6723d7743f92edf52159c03a8181763cb73031ad8a64bf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3403
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5337
x-xss-protection: 0
server: sffe
date: Thu, 29 Oct 2020 09:48:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "daa4412bcb5a8fd6"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Oct 2021 09:48:56 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012010200130000/v0/ Frame FBF6 96 KB
29 KB 37ms
14ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010200130000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c799c0a055898234d3692565188b828d2d41b3056cf5bbd2584e729968829b72

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3402
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29527
x-xss-protection: 0
server: sffe
date: Thu, 29 Oct 2020 09:48:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f91dfcaf1b61c8c5"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Oct 2021 09:48:57 GMT

GET
H2 200 amp-animation-0.1.js Show response
cdn.ampproject.org/rtv/012010200130000/v0/ Frame FBF6 76 KB
18 KB 34ms
10ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010200130000/v0/amp-animation-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa849eb31f39336c65b0f44b0ef34f7f624c0dbee255297e5198a20219251027

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 222174
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18085
x-xss-protection: 0
server: sffe
date: Mon, 26 Oct 2020 21:02:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ff77be14677a6dcf"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Oct 2021 21:02:45 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012010200130000/v0/ Frame FBF6 4 KB
2 KB 33ms
9ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010200130000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5c41077aafced98067ed5bad36d0518235b45963f432237d11d8b89c8d00873

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3390
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1792
x-xss-protection: 0
server: sffe
date: Thu, 29 Oct 2020 09:49:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "2c1d882225e4ba30"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Oct 2021 09:49:09 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012010200130000/v0/ Frame FBF6 45 KB
15 KB 31ms
8ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010200130000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d8865bb32d3ba618981090df05f9de09607c1f65764a7434016926de0a8fbcd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3390
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14145
x-xss-protection: 0
server: sffe
date: Thu, 29 Oct 2020 09:49:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "88dc985411e715a7"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Oct 2021 09:49:09 GMT

GET
DATA 200
OK truncated
/ Frame FBF6 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 366978094a465cd6caa417f46c259cb3f3413f69fd0c699511f0ebbbffc1f477

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 ec7ce6ab01eab18efcad5c1fc8832b7a.jpg
tpc.googlesyndication.com/sadbundle/737002631624578043/images/ Frame FBF6 25 KB
25 KB 8ms
6ms Image
image/jpeg 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/737002631624578043/images/ec7ce6ab01eab18efcad5c1fc8832b7a.jpg

Requested by

Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34261c9962064fc4843531aaf4ef7c09fccb088ff3627ee67b033c84fc355b80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 09:38:51 GMT
x-content-type-options: nosniff
age: 4008
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25537
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 11:32:52 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Oct 2021 09:38:51 GMT

GET
H3-Q050 200 b5e4a6b69d1a3014731354194fd28a96.svg
tpc.googlesyndication.com/sadbundle/737002631624578043/images/ Frame FBF6 2 KB
860 B 8ms
7ms Image
image/svg+xml 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/737002631624578043/images/b5e4a6b69d1a3014731354194fd28a96.svg

Requested by

Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df76de8068a20c35c1b7382f6adc68efb040bb293aaffca0740f8cec4d27ef7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 05:00:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20715
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 766
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 11:32:52 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Oct 2021 05:00:24 GMT

GET
H3-Q050 200 c651be3bdb403dfc243737bbc0b316f0.svg
tpc.googlesyndication.com/sadbundle/737002631624578043/images/ Frame FBF6 7 KB
2 KB 10ms
9ms Image
image/svg+xml 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/737002631624578043/images/c651be3bdb403dfc243737bbc0b316f0.svg

Requested by

Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

515c432f9e7988b29b54800ebe60b464b206e5f90c89135a65ab307bd36b87c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 09:38:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4008
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2337
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 11:32:52 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Oct 2021 09:38:51 GMT

GET
H3-Q050 200 5ea37bc0723f08fbd8923ad15790fa92.png
tpc.googlesyndication.com/sadbundle/737002631624578043/images/ Frame FBF6 3 KB
3 KB 10ms
8ms Image
image/png 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/737002631624578043/images/5ea37bc0723f08fbd8923ad15790fa92.png

Requested by

Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4240923f75e95ad96aba7222c51ffd31b8adec46d0d2c016f38ddde77a2939ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 09:38:51 GMT
x-content-type-options: nosniff
age: 4008
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2609
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 11:32:52 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Oct 2021 09:38:51 GMT

GET
H3-Q050 200 98efaea5624f5cbe2b77ef4660bb7e74.svg
tpc.googlesyndication.com/sadbundle/737002631624578043/images/ Frame FBF6 4 KB
1 KB 11ms
10ms Image
image/svg+xml 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/737002631624578043/images/98efaea5624f5cbe2b77ef4660bb7e74.svg

Requested by

Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6da75237c506bb339edf0c4bf4ad835eeb89188c465040563a4a9f89ca649824

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 05:00:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20715
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1356
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 11:32:52 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Oct 2021 05:00:24 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame FBF6 2 KB
3 KB 8ms
7ms Image
image/png 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Oct 2020 23:34:24 GMT
x-content-type-options: nosniff
server: cafe
age: 40275
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 29 Oct 2020 23:34:24 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame FBF6 295 B
388 B 10ms
9ms Image
image/png 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Oct 2020 21:53:21 GMT
x-content-type-options: nosniff
server: cafe
age: 46338
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 29 Oct 2020 21:53:21 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame FBF6 0
0 17ms
16ms Image
text/html 2a00:1450:4001:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRFEflJDNLR-Eh5_I8OENKtM7L2xzlOQln1LVONn8t-burow-NDKilcTMdd1GWUv1SB7PUEbdiF29TdRkGDqC5bONvlnA
Requested by: Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame FBF6 0
0 33ms
32ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CVhDXUp2aX8iXMNOhlQe2kJyQBI2l--Zfkrvww9UL2tkeEAEg9PnGJWCRhJOF_BegAdvR5c4DyAEJqQKCnxr7QrezPuACAKgDAcgDCKoEvAJP0NhkUUiGJ1BFCLcYgcMvvHUt2QMa77Rwqq16qsxuioFGEwDeOVZPUN6abTdToVYA-zxGT2D7wRh_kxUDO5eoqtmRAPNi-v2X8hWgUbJkVRkdxZGUnoSynnk2aDBUC59WdP4e785ukCJfz-2ldBukDrrOvx5hWgTAQ9rOZgdYGxwjbiRTa-Q5xpK0Q_B-6fG8V6laGJ0gRUzE6ejLt_ODE60xDRyPbtHS6z8WKJXRsc7d4xJbsOyJjhfP9N3VPpH99J3v8ubElsH1_sTBvUo9x-9R5DLz2l5gR5mA8cHco9ZD16gDN5n9miji-Fg_dMJbM7w7y6r6AK24cwhiqWclTHZu8QcWBVEpA8-lkOuPxSOV5KKNlT_wKCaLbW7l2Eo_hk00jxqYW_ofUuwp_LlXX8znKAbn8yPpmpqZwASSovD2ywLgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHja6aMagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBRCKn80E0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi00Nzc2MDYzMTU4MjQyNTg4gAoDyAsBsgwUcHViLTYzOTY4NDQ3NDI0OTcyMDjCDAIIAdgTAg&sigh=N8jjLWynCgs&template_id=419&tpd=AGWhJmugKQ2ImgcMFEiMoXS_rAZ0etrXkEpZT4CFZX9-y888Nw
Requested by: Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 28687274 Show response
g.ezoic.net/dac/ 0
93 B 76ms
25ms XHR
text/plain 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/dac/28687274
Requested by: Host: securityonline.info
URL: https://securityonline.info/porpoiseant/banger.js?cb=191-2&bv=90&v=35&PageSpeed=off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:39 GMT
server: nginx/1.16.0
status: 200
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=3600, public
content-length: 0

GET
H2 200 greenoaks.gif
securityonline.info/detroitchicago/ 43 B
123 B 22ms
20ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJiY2UwMGY2OS1iOWY2LTQ4MzEtNzdhOS1iZjNlYTZhZmQ1ZDYiLCJkb21haW5faWQiOiIxMjQ1MzMiLCJ0X2Vwb2NoIjoxNjAzOTY4MzM1LCJkYXRhIjpbeyJuYW1lIjoidGltZXJfZmlyc3RfYWRfbG9hZCIsInZhbCI6IjMyNDUifV19XQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:39 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:39 UTC

GET
H2 200 army.gif
securityonline.info/porpoiseant/ 43 B
77 B 23ms
21ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDY4MjY4IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1sZWFkZXItMS0wIiwidF9lcG9jaCI6MTYwMzk2ODMzNSwiYWRfcG9zaXRpb24iOjExMDMsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiYmNlMDBmNjktYjlmNi00ODMxLTc3YTktYmYzZWE2YWZkNWQ2IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk3OSwiZGF0YSI6W3sibmFtZSI6InJlZnJlc2hfY291bnQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI0NjgyNjgiLCJkb21haW5faWQiOiIxMjQ1MzMiLCJ1bml0IjoiZGl2LWdwdC1hZC1zZWN1cml0eW9ubGluZV9pbmZvLWxlYWRlci0xLTAiLCJ0X2Vwb2NoIjoxNjAzOTY4MzM1LCJhZF9wb3NpdGlvbiI6MTEwMywiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiJiY2UwMGY2OS1iOWY2LTQ4MzEtNzdhOS1iZjNlYTZhZmQ1ZDYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwNDE2OTc5LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2JpZF9oYXNoIiwidmFsIjoiMzlhYmI5OTQ0OGQ1NDcwNGM0YWZhNDJlZmU3NmUxNWQifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjQ2ODI2OCIsImRvbWFpbl9pZCI6IjEyNDUzMyIsInVuaXQiOiJkaXYtZ3B0LWFkLXNlY3VyaXR5b25saW5lX2luZm8tbGVhZGVyLTEtMCIsInRfZXBvY2giOjE2MDM5NjgzMzUsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAxMSwiYWRfcG9zaXRpb24iOjExMDMsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLjAxMSwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiTkwiLCJwYWdldmlld19pZCI6ImJjZTAwZjY5LWI5ZjYtNDgzMS03N2E5LWJmM2VhNmFmZDVkNiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5NzksImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI0NjgyNjgiLCJkb21haW5faWQiOiIxMjQ1MzMiLCJ1bml0IjoiZGl2LWdwdC1hZC1zZWN1cml0eW9ubGluZV9pbmZvLWxlYWRlci0xLTAiLCJ0X2Vwb2NoIjoxNjAzOTY4MzM1LCJhZF9wb3NpdGlvbiI6MTEwMywiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiJiY2UwMGY2OS1iOWY2LTQ4MzEtNzdhOS1iZjNlYTZhZmQ1ZDYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwNDE2OTc5LCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgzMTA0MTY5NzkifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjQ2ODI2OCIsImRvbWFpbl9pZCI6IjEyNDUzMyIsInVuaXQiOiJkaXYtZ3B0LWFkLXNlY3VyaXR5b25saW5lX2luZm8tbGVhZGVyLTEtMCIsInRfZXBvY2giOjE2MDM5NjgzMzUsImFkX3Bvc2l0aW9uIjoxMTAzLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiTkwiLCJwYWdldmlld19pZCI6ImJjZTAwZjY5LWI5ZjYtNDgzMS03N2E5LWJmM2VhNmFmZDVkNiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5NzksImRhdGEiOlt7Im5hbWUiOiJsaW5laXRlbV9pZCIsInZhbCI6IjI4Njg3Mjc0In1dLCJpc19vcmlnIjpmYWxzZX1d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:39 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:39 UTC

GET
H2 200 army.gif
securityonline.info/porpoiseant/ 43 B
77 B 24ms
20ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDY4MjY4IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1sZWFkZXItMS0wIiwidF9lcG9jaCI6MTYwMzk2ODMzNSwiYWRfcG9zaXRpb24iOjExMDMsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiYmNlMDBmNjktYjlmNi00ODMxLTc3YTktYmYzZWE2YWZkNWQ2IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk3OSwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjAtMTAtMjkifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIxMSJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiI0In0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii02MCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:39 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:39 UTC

GET
H2 200 army.gif
securityonline.info/porpoiseant/ 43 B
100 B 25ms
22ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNDY4MjY4IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1sZWFkZXItMS0wIiwidF9lcG9jaCI6MTYwMzk2ODMzNSwiYXVjdGlvbl9lcG9jaCI6MTYwMzk2ODMzOSwiYWRfcG9zaXRpb24iOjExMDMsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiJiY2UwMGY2OS1iOWY2LTQ4MzEtNzdhOS1iZjNlYTZhZmQ1ZDYiLCJiaWRfZmxvb3JfaW5pdGlhbCI6MTEwMCwiYmlkX2Zsb29yX3ByZXYiOm51bGwsImJpZF9mbG9vcl9maWxsZWQiOjExMDAsImF1Y3Rpb25fY291bnQiOjEsInJlZnJlc2hfYWRfY291bnQiOjAsImF1Y3Rpb25fZHVyYXRpb24iOjI0MTcsIm11bHRpX2FkX3VuaXQiOjAsIm11bHRpX2FkX2NvdW50IjowLCJuZXR3b3JrX2NvZGUiOjEyNTQxNDQsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV0sImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzR9XQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:39 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:38 UTC

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 74 KB
24 KB 62ms
29ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: securityonline.info
URL: https://securityonline.info/porpoiseant/dall3270.js?cb=191-2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 379bf9de3c8c291c08a96b1489d7eaad78c77e5bf0a322a7b6a0736f123589be

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:39 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:20:41 GMT
server: nginx
etag: W/"5f8eabe9-12977"
status: 200
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Fri, 30 Oct 2020 10:45:39 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame FBF6 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Oct 2020 23:34:24 GMT
x-content-type-options: nosniff
server: cafe
age: 40275
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 29 Oct 2020 23:34:24 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame FBF6 295 B
319 B 6ms
6ms Image
image/png 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Oct 2020 21:53:21 GMT
x-content-type-options: nosniff
server: cafe
age: 46338
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 29 Oct 2020 21:53:21 GMT

GET
H2 200 syncframe
gum.criteo.com/ Frame 033A 0
0 42ms
14ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=securityonline.info

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=securityonline.info
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/

Response headers

status: 200
cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
server-processing-duration-in-ticks: 464
date: Thu, 29 Oct 2020 10:45:39 GMT
content-length: 0

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 74 KB
24 KB 46ms
16ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 379bf9de3c8c291c08a96b1489d7eaad78c77e5bf0a322a7b6a0736f123589be

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:39 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:20:41 GMT
server: nginx
etag: W/"5f8eabe9-12977"
status: 200
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Fri, 30 Oct 2020 10:45:39 GMT

GET
H/1.1 200
OK ixmatch.html
js-sec.indexww.com/um/ Frame 0DBA 0
0 66ms
21ms Document
text/html 23.210.249.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: securityonline.info
URL: https://securityonline.info/porpoiseant/dall3270.js?cb=191-2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Host: js-sec.indexww.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/

Response headers

Server: Apache
Last-Modified: Tue, 06 Oct 2020 14:04:48 GMT
ETag: "e20015-8f4-5b10114f2003a"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 29 Oct 2020 10:45:39 GMT
Content-Length: 1136
Connection: keep-alive

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame 1777 0
0 22ms
22ms Document
text/html 23.210.249.92
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: securityonline.info
URL: https://securityonline.info/porpoiseant/dall3270.js?cb=191-2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.92 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-92.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
X-Akamai-Path-Stats: [3:148423:3577]
Cache-Control: public, max-age=58328
Expires: Fri, 30 Oct 2020 02:57:47 GMT
Date: Thu, 29 Oct 2020 10:45:39 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 /
onetag-sys.com/usync/ Frame C9AC 0
0 24ms
23ms Document
text/html 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1603968336426

Requested by

Host: securityonline.info
URL: https://securityonline.info/porpoiseant/dall3270.js?cb=191-2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.9.253 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?cb=1603968336426
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/

Response headers

status: 200
content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=2592000

GET
H2

204

setuid
prebid.a-mo.net/
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D3c65bb9e-ab92-4a03-9cf4-8236a260bb33%26D%3D%26bidder%3Dindex_rtb%26uid%3D
https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D3c65bb9e-ab92-4a03-9cf4-8236a260bb33%26D%3D%26bidder%3Dindex_rtb%26uid%3D&C=1
https://prebid.a-mo.net/setuid?A=3c65bb9e-ab92-4a03-9cf4-8236a260bb33&D=&bidder=index_rtb&uid=X5qdU-6wd3LNENRcjeEtKgAA%261113

0
138 B

162ms
162ms

Image
text/plain

136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid?A=3c65bb9e-ab92-4a03-9cf4-8236a260bb33&D=&bidder=index_rtb&uid=X5qdU-6wd3LNENRcjeEtKgAA%261113
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 , United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Thu, 29 Oct 2020 10:45:38 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 3
server: envoy

Redirect headers

Pragma: no-cache
Date: Thu, 29 Oct 2020 10:45:39 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://prebid.a-mo.net/setuid?A=3c65bb9e-ab92-4a03-9cf4-8236a260bb33&D=&bidder=index_rtb&uid=X5qdU-6wd3LNENRcjeEtKgAA%261113
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 321
Expires: Thu, 29 Oct 2020 10:45:39 GMT

GET
H2

204

setuid
prebid.a-mo.net/
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D3c65bb9e-ab92-4a03-9cf4-8236a260bb33%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D3c65bb9e-ab92-4a03-9cf4-8236a260bb33%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
https://prebid.a-mo.net/setuid?A=3c65bb9e-ab92-4a03-9cf4-8236a260bb33&D=&bidder=sovrn&uid=de3199b9105fbff83aef60cd

0
141 B

92ms
91ms

Image
text/plain

136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid?A=3c65bb9e-ab92-4a03-9cf4-8236a260bb33&D=&bidder=sovrn&uid=de3199b9105fbff83aef60cd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 , United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Thu, 29 Oct 2020 10:45:39 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 3
server: envoy

Redirect headers

Date: Thu, 29 Oct 2020 10:45:39 GMT
Server: nginx
Location: https://prebid.a-mo.net/setuid?A=3c65bb9e-ab92-4a03-9cf4-8236a260bb33&D=&bidder=sovrn&uid=de3199b9105fbff83aef60cd
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2 204 /
onetag-sys.com/usync/ 0
84 B 25ms
24ms Image
text/plain 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/usync/?tag=img

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.9.253 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
strict-transport-security: max-age=2592000
cache-control: no-cache, no-transform
content-length: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 330 B
193 B 196ms
195ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=4321448892538175&output=ldjh&impl=fif&adsid=NT&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-large-billboard-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=3&rcs=1&prev_scp=iid5%3D472019%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1102%26sap%3D1102%26a%3D%257C6%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D9%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1034%26compid%3D0%26tap%3Dsecurityonline_info-large-billboard-2-472019%26eb_br%3D6e85b37de1b1ffc2593baa5d6e4b02fc%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D16%26bvm%3D0%26bvr%3D6%26shp%3D3%26ft%3D1%26br1%3D450%26br2%3D450%26ezoic%3D1%26nmau%3D4%26mau%3D3%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%26ax_ssid%3D10082%26lb%3D900%26reqt%3D1603968339988&eri=1&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a%3AT%3D1603968336%3AS%3DALNI_MbOHLmSbr3ZFBpTq2_R3at5QnhSrQ&bc=31&abxe=1&lmt=1603968339&dt=1603968339994&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=1181&adys=2960&adks=527514099&ucis=e&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,858585|color_text,,000000|color_url,,F0F0F0&ifi=15&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=108&icsg=4236130531278850&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x271&msz=302x264&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_wpids=UA-124345349-20&fws=4&ohw=302&btvi=8&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

5fa7ac102024f8a4a87b3c59f7053ede0dac550dc50388ff0a7be07c46f4cce0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 137
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 333 B
167 B 341ms
341ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=77924094433538&output=ldjh&impl=fif&adsid=NT&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-large-mobile-banner-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C320x50%7C468x60%7C970x90%7C234x60&fluid=height&ris=3&rcs=1&prev_scp=iid5%3D460618%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1105%26sap%3D1105%26a%3D%257C6%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D12%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D704%26al%3D1704%26compid%3D0%26tap%3Dsecurityonline_info-large-mobile-banner-1-460618%26eb_br%3D5bac35e1a3b6adc56da706000a645484%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D28%26bvm%3D2%26bvr%3D5%26shp%3D1%26ft%3D1%26br1%3D650%26br2%3D550%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%26ax_ssid%3D10082%26lb%3D1100%26reqt%3D1603968339999&eri=1&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a%3AT%3D1603968336%3AS%3DALNI_MbOHLmSbr3ZFBpTq2_R3at5QnhSrQ&bc=31&abxe=1&lmt=1603968340&dt=1603968340062&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=141&adys=4315&adks=3089213337&ucis=f&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,858585|color_text,,000000|color_url,,F0F0F0&ifi=16&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=108&icsg=4236130531278850&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=980x98&msz=982x92&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_wpids=UA-124345349-20&fws=4&ohw=982&btvi=9&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

a50eba129ef1d314b78354f45df3e1216549a35fcd795e0ad17ddd9e0a65c9e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 134
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 318 B
159 B 408ms
408ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=1905556264508667&output=ldjh&impl=fif&adsid=NT&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=3&rcs=1&prev_scp=iid5%3D440969%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1107%26sap%3D1107%26a%3D%257C5%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dsecurityonline_info-box-1-440969%26eb_br%3D6e85b37de1b1ffc2593baa5d6e4b02fc%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D19%26bvm%3D0%26bvr%3D9%26shp%3D3%26acptad%3D1%26ft%3D1%26br1%3D450%26br2%3D450%26ezoic%3D1%26nmau%3D4%26mau%3D0%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%26ax_ssid%3D10082%26lb%3D900%26reqt%3D1603968340067&eri=1&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a%3AT%3D1603968336%3AS%3DALNI_MbOHLmSbr3ZFBpTq2_R3at5QnhSrQ&bc=31&abxe=1&lmt=1603968340&dt=1603968340069&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=1181&adys=561&adks=4286431424&ucis=g&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,20929A|color_text,,000000|color_url,,F0F0F0&ifi=17&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=108&icsg=4236130531278850&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x271&msz=302x264&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_wpids=UA-124345349-20&fws=4&ohw=302&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

5904da028a22641fdfb6ccec6d93705b2bc6e5bfd96107d2665cbf8e0894b320

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 330 B
166 B 211ms
210ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=2990601676360565&output=ldjh&impl=fif&adsid=NT&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-large-billboard-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=3&rcs=1&prev_scp=iid5%3D472019%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1102%26sap%3D1102%26a%3D%257C3%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D7%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1034%26compid%3D0%26tap%3Dsecurityonline_info-large-billboard-2-472019%26eb_br%3D6e85b37de1b1ffc2593baa5d6e4b02fc%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D16%26bvm%3D0%26bvr%3D6%26shp%3D3%26ft%3D1%26br1%3D450%26br2%3D450%26ezoic%3D1%26nmau%3D4%26mau%3D1%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%26ax_ssid%3D10082%26lb%3D900%26reqt%3D1603968340074&eri=1&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a%3AT%3D1603968336%3AS%3DALNI_MbOHLmSbr3ZFBpTq2_R3at5QnhSrQ&bc=31&abxe=1&lmt=1603968340&dt=1603968340076&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=1181&adys=2414&adks=2226679626&ucis=h&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,0000FF|color_text,,000000|color_url,,828282&ifi=18&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=108&icsg=4236130531278850&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x271&msz=302x264&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_wpids=UA-124345349-20&fws=4&ohw=302&btvi=10&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

04a5f1aba9458cbfd6c81716b6569cdd0add71a1d7d39d08a53c61628279c40d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 137
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 318 B
162 B 217ms
216ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=4067690121829043&output=ldjh&impl=fif&adsid=NT&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=3&rcs=1&prev_scp=iid5%3D440969%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1107%26sap%3D1107%26a%3D%257C252%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dsecurityonline_info-box-1-440969%26eb_br%3D6e85b37de1b1ffc2593baa5d6e4b02fc%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D19%26bvm%3D0%26bvr%3D9%26shp%3D3%26acptad%3D1%26ft%3D1%26br1%3D450%26br2%3D450%26ezoic%3D1%26nmau%3D4%26mau%3D2%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%26ax_ssid%3D10082%26lb%3D900%26reqt%3D1603968340080&eri=1&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a%3AT%3D1603968336%3AS%3DALNI_MbOHLmSbr3ZFBpTq2_R3at5QnhSrQ&bc=31&abxe=1&lmt=1603968340&dt=1603968340082&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=1181&adys=1107&adks=3926214249&ucis=i&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,FF6600|color_text,,000000|color_url,,FF6600&ifi=19&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=108&icsg=4236130531278850&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x271&msz=302x264&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_wpids=UA-124345349-20&fws=4&ohw=302&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

62bbd1c6850bbe1337f79310b88d01846c9f85c17a1e2aac88fdceb8c596eac5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 327 B
173 B 365ms
364ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=3641259171799086&output=ldjh&impl=fif&adsid=NT&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-medrectangle-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C580x400%7C120x240%7C970x90%7C970x250%7C180x150%7C728x90%7C300x250%7C320x50%7C200x200%7C125x125%7C234x60%7C250x250%7C468x60%7C320x100&fluid=height&ris=3&rcs=1&prev_scp=iid5%3D465416%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1112%26sap%3D1112%26a%3D%257C252%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D5%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D21%26al%3D1021%26compid%3D0%26tap%3Dsecurityonline_info-medrectangle-3-465416%26eb_br%3D5f2b94bb26a5aa9b1a00e66d30cfd5ec%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D23%26bvm%3D0%26bvr%3D3%26shp%3D1%26ft%3D1%26br1%3D500%26br2%3D500%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%26ax_ssid%3D10082%26lb%3D1000%26reqt%3D1603968340087&eri=1&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a%3AT%3D1603968336%3AS%3DALNI_MbOHLmSbr3ZFBpTq2_R3at5QnhSrQ&bc=31&abxe=1&lmt=1603968340&dt=1603968340089&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=140&adys=787&adks=2855817402&ucis=j&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,FF6600|color_text,,000000|color_url,,FF6600&ifi=20&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=108&icsg=4236130531278850&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=880x407&msz=880x400&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_wpids=UA-124345349-20&fws=0&ohw=0&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

b9f48e9e7bfb5e4f0bc3ba7eb14f80b6a57f6f23afeabb4636a654778cc2ac12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 141
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 330 B
166 B 250ms
195ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=3020809524236890&output=ldjh&impl=fif&adsid=NT&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-large-billboard-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=3&rcs=1&prev_scp=iid5%3D472019%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1102%26sap%3D1102%26a%3D%257C2%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D6%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1034%26compid%3D0%26tap%3Dsecurityonline_info-large-billboard-2-472019%26eb_br%3D6e85b37de1b1ffc2593baa5d6e4b02fc%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D16%26bvm%3D0%26bvr%3D6%26shp%3D3%26ft%3D1%26br1%3D450%26br2%3D450%26ezoic%3D1%26nmau%3D4%26mau%3D0%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%26ax_ssid%3D10082%26lb%3D900%26reqt%3D1603968340095&eri=1&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a%3AT%3D1603968336%3AS%3DALNI_MbOHLmSbr3ZFBpTq2_R3at5QnhSrQ&bc=31&abxe=1&lmt=1603968340&dt=1603968340098&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=1181&adys=2141&adks=4076339080&ucis=k&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,37a5d7|color_text,,000000|color_url,,F0F0F0&ifi=21&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=108&icsg=4236130531278850&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x271&msz=302x264&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_wpids=UA-124345349-20&fws=4&ohw=302&btvi=11&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

7b6bd3ddbed8ef319daa9e69cce780979063218c3dd7e959fb2a324faa806177

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 137
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 318 B
163 B 194ms
193ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=1125247201355027&output=ldjh&impl=fif&adsid=NT&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=3&rcs=1&prev_scp=iid5%3D440969%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1107%26sap%3D1107%26a%3D%257C124%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dsecurityonline_info-box-1-440969%26eb_br%3D6e85b37de1b1ffc2593baa5d6e4b02fc%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D19%26bvm%3D0%26bvr%3D9%26shp%3D3%26acptad%3D1%26ft%3D1%26br1%3D450%26br2%3D450%26ezoic%3D1%26nmau%3D4%26mau%3D3%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%26ax_ssid%3D10082%26lb%3D900%26reqt%3D1603968340107&eri=1&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a%3AT%3D1603968336%3AS%3DALNI_MbOHLmSbr3ZFBpTq2_R3at5QnhSrQ&bc=31&abxe=1&lmt=1603968340&dt=1603968340161&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=1181&adys=1380&adks=2680230968&ucis=l&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,FF0000|color_text,,000000|color_url,,FF0000&ifi=22&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=108&icsg=4236130531278850&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x271&msz=302x264&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_wpids=UA-124345349-20&fws=4&ohw=302&btvi=12&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

ffc65e2c520c9ff0325a67d3e3f79ebfe7c83f3e8c2ea254f860b5c73ffcea1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 318 B
160 B 353ms
352ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=611610854218299&output=ldjh&impl=fif&adsid=NT&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=3&rcs=1&prev_scp=iid5%3D440969%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1107%26sap%3D1107%26a%3D%257C1%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dsecurityonline_info-box-1-440969%26eb_br%3D6e85b37de1b1ffc2593baa5d6e4b02fc%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D19%26bvm%3D0%26bvr%3D9%26shp%3D3%26acptad%3D1%26ft%3D1%26br1%3D450%26br2%3D450%26ezoic%3D1%26nmau%3D4%26mau%3D1%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%26ax_ssid%3D10082%26lb%3D900%26reqt%3D1603968340166&eri=1&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a%3AT%3D1603968336%3AS%3DALNI_MbOHLmSbr3ZFBpTq2_R3at5QnhSrQ&bc=31&abxe=1&lmt=1603968340&dt=1603968340169&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=1181&adys=834&adks=520180478&ucis=m&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,1a0dab|color_text,,545454|color_url,,006621&ifi=23&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=108&icsg=4236130531278850&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x271&msz=302x264&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_wpids=UA-124345349-20&fws=4&ohw=302&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

b999a53a07f85fc0aba18c0e28c154b0655793ee284f7dcdbc2d8a243abf2695

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 330 B
169 B 225ms
225ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=3143471479052582&output=ldjh&impl=fif&adsid=NT&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-large-billboard-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=3&rcs=1&prev_scp=iid5%3D472019%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1102%26sap%3D1102%26a%3D%257C5%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D8%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1034%26compid%3D0%26tap%3Dsecurityonline_info-large-billboard-2-472019%26eb_br%3D6e85b37de1b1ffc2593baa5d6e4b02fc%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D16%26bvm%3D0%26bvr%3D6%26shp%3D3%26ft%3D1%26br1%3D450%26br2%3D450%26ezoic%3D1%26nmau%3D4%26mau%3D2%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%26ax_ssid%3D10082%26lb%3D900%26reqt%3D1603968340188&eri=1&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a%3AT%3D1603968336%3AS%3DALNI_MbOHLmSbr3ZFBpTq2_R3at5QnhSrQ&bc=31&abxe=1&lmt=1603968340&dt=1603968340190&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=1181&adys=2687&adks=185582216&ucis=n&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,20929A|color_text,,000000|color_url,,F0F0F0&ifi=24&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=108&icsg=4236130531278850&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x271&msz=302x264&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_wpids=UA-124345349-20&fws=4&ohw=302&btvi=13&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

d0d7f5312214ef5f94de9dd313fea4752ef986ee4d67dec2dac0d1e09f8b56c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 136
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 332 B
181 B 299ms
299ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=2112035462438991&output=ldjh&impl=fif&adsid=NT&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&ris=4&rcs=1&prev_scp=iid5%3D474568%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26a%3D%257C3%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D10%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dsecurityonline_info-medrectangle-2-474568%26eb_br%3D26dfa00588543c52511429ade391f561%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D3%26bvm%3D0%26bvr%3D8%26shp%3D1%26ft%3D1%26br1%3D550%26br2%3D550%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%26ax_ssid%3D10082%26hb_bidder%3Dix%26hb_adid%3D109d2adc83985e1f%26hb_pb%3D0.00%26hb_format%3Dbanner%26hb_ssid%3D10082%26lb%3D1100%26reqt%3D1603968340338&eri=1&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a%3AT%3D1603968336%3AS%3DALNI_MbOHLmSbr3ZFBpTq2_R3at5QnhSrQ&bc=31&abxe=1&lmt=1603968340&dt=1603968340340&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=1102&adks=3873167905&ucis=o&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,0000FF|color_text,,000000|color_url,,828282&ifi=25&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=108&icsg=4236130531278850&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x-1&msz=970x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_wpids=UA-124345349-20&fws=512&ohw=0&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

f1388ea845abf2b85d8e652d4c58fd65736e898a3472bf3c4345150246f7631d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 336 B
180 B 330ms
330ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=3789672663927939&output=ldjh&impl=fif&adsid=NT&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-large-billboard-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=1&rcs=2&prev_scp=iid5%3D472019%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1102%26sap%3D1102%26a%3D%257C6%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D9%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1034%26compid%3D0%26tap%3Dsecurityonline_info-large-billboard-2-472019%26eb_br%3Dc16fac08e79a971524b1c6834f5caad3%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D16%26bvm%3D0%26bvr%3D6%26shp%3D3%26ft%3D1%26br1%3D280%26br2%3D450%26ezoic%3D1%26nmau%3D4%26mau%3D3%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C20%26ax_ssid%3D10082%26lb%3D450%26reqt%3D1603968340504&eri=1&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a%3AT%3D1603968336%3AS%3DALNI_MbOHLmSbr3ZFBpTq2_R3at5QnhSrQ&bc=31&abxe=1&lmt=1603968340&dt=1603968340507&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=1181&adys=2960&adks=527514099&ucis=p&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,858585|color_text,,000000|color_url,,F0F0F0&ifi=26&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=108&icsg=4236130531278850&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x271&msz=302x264&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_wpids=UA-124345349-20&fws=4&ohw=302&btvi=14&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

2aca79bc7c205125f87721609bc8bc561c2fb4b57e13dd670c087335de0dabab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 147
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 333 B
168 B 335ms
332ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=3363667362565769&output=ldjh&impl=fif&adsid=NT&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-large-mobile-banner-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C320x50%7C468x60%7C970x90%7C234x60&fluid=height&ris=1&rcs=2&prev_scp=iid5%3D460618%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1105%26sap%3D1105%26a%3D%257C6%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D12%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D704%26al%3D1704%26compid%3D0%26tap%3Dsecurityonline_info-large-mobile-banner-1-460618%26eb_br%3D6e85b37de1b1ffc2593baa5d6e4b02fc%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D28%26bvm%3D2%26bvr%3D5%26shp%3D1%26ft%3D1%26br1%3D450%26br2%3D550%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%26ax_ssid%3D10082%26lb%3D650%26reqt%3D1603968340571&eri=1&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a%3AT%3D1603968336%3AS%3DALNI_MbOHLmSbr3ZFBpTq2_R3at5QnhSrQ&bc=31&abxe=1&lmt=1603968340&dt=1603968340580&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=141&adys=4315&adks=3089213337&ucis=q&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,858585|color_text,,000000|color_url,,F0F0F0&ifi=27&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=108&icsg=4236130531278850&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=980x98&msz=982x92&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_wpids=UA-124345349-20&fws=4&ohw=982&btvi=15&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

f9d90b7f23b57603f9dce4fbc26ba61ee18685d89fbff1280411b4d5e8edfdfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 318 B
160 B 258ms
258ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=291508746474419&output=ldjh&impl=fif&adsid=NT&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=1&rcs=2&prev_scp=iid5%3D440969%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1107%26sap%3D1107%26a%3D%257C5%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dsecurityonline_info-box-1-440969%26eb_br%3D9e0a1ce5b2455cb9b48d5df4c6bf4053%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D19%26bvm%3D0%26bvr%3D9%26shp%3D3%26acptad%3D1%26ft%3D1%26br1%3D350%26br2%3D450%26ezoic%3D1%26nmau%3D4%26mau%3D0%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%26ax_ssid%3D10082%26lb%3D450%26reqt%3D1603968340621&eri=1&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a%3AT%3D1603968336%3AS%3DALNI_MbOHLmSbr3ZFBpTq2_R3at5QnhSrQ&bc=31&abxe=1&lmt=1603968340&dt=1603968340623&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=1181&adys=561&adks=4286431424&ucis=r&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,20929A|color_text,,000000|color_url,,F0F0F0&ifi=28&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=108&icsg=4236130531278850&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x271&msz=302x264&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_wpids=UA-124345349-20&fws=4&ohw=302&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

82dfedba5e121b4d7f40ea92b661cbfaea815e3b9d4b269a87a95ed047d31555

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 330 B
165 B 324ms
323ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=2318758312411968&output=ldjh&impl=fif&adsid=NT&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-large-billboard-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=1&rcs=2&prev_scp=iid5%3D472019%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1102%26sap%3D1102%26a%3D%257C3%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D7%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1034%26compid%3D0%26tap%3Dsecurityonline_info-large-billboard-2-472019%26eb_br%3Dc16fac08e79a971524b1c6834f5caad3%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D16%26bvm%3D0%26bvr%3D6%26shp%3D3%26ft%3D1%26br1%3D280%26br2%3D450%26ezoic%3D1%26nmau%3D4%26mau%3D1%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C20%26ax_ssid%3D10082%26lb%3D450%26reqt%3D1603968340628&eri=1&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a%3AT%3D1603968336%3AS%3DALNI_MbOHLmSbr3ZFBpTq2_R3at5QnhSrQ&bc=31&abxe=1&lmt=1603968340&dt=1603968340631&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=1181&adys=2414&adks=2226679626&ucis=s&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,0000FF|color_text,,000000|color_url,,828282&ifi=29&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=108&icsg=4236130531278850&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x271&msz=302x264&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_wpids=UA-124345349-20&fws=4&ohw=302&btvi=16&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

397cd6fd028ed769f312267d5de9c3ec6b26ed7a80306eafd5f72c1d3e6e0e3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 136
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 318 B
182 B 376ms
375ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=4225911096551852&output=ldjh&impl=fif&adsid=NT&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=1&rcs=2&prev_scp=iid5%3D440969%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1107%26sap%3D1107%26a%3D%257C252%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dsecurityonline_info-box-1-440969%26eb_br%3D9e0a1ce5b2455cb9b48d5df4c6bf4053%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D19%26bvm%3D0%26bvr%3D9%26shp%3D3%26acptad%3D1%26ft%3D1%26br1%3D350%26br2%3D450%26ezoic%3D1%26nmau%3D4%26mau%3D2%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%26ax_ssid%3D10082%26lb%3D450%26reqt%3D1603968340634&eri=1&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a%3AT%3D1603968336%3AS%3DALNI_MbOHLmSbr3ZFBpTq2_R3at5QnhSrQ&bc=31&abxe=1&lmt=1603968340&dt=1603968340636&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=1181&adys=1107&adks=3926214249&ucis=t&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,FF6600|color_text,,000000|color_url,,FF6600&ifi=30&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=108&icsg=4236130531278850&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x271&msz=302x264&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_wpids=UA-124345349-20&fws=4&ohw=302&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

d5143237b35b5b374b003e21229125bb82f540d1a0fb754ad579fb047d4bc094

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 56 KB
12 KB 373ms
372ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=1729523920630981&output=ldjh&impl=fif&adsid=NT&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-medrectangle-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C580x400%7C120x240%7C970x90%7C970x250%7C180x150%7C728x90%7C300x250%7C320x50%7C200x200%7C125x125%7C234x60%7C250x250%7C468x60%7C320x100&fluid=height&ris=1&rcs=2&prev_scp=iid5%3D465416%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1112%26sap%3D1112%26a%3D%257C252%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D5%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D21%26al%3D1021%26compid%3D0%26tap%3Dsecurityonline_info-medrectangle-3-465416%26eb_br%3D9ae587f95e95c876b7b76fd4c72a3838%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D23%26bvm%3D0%26bvr%3D3%26shp%3D1%26ft%3D1%26br1%3D180%26br2%3D500%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C20%26ax_ssid%3D10082%26lb%3D500%26reqt%3D1603968340640&eri=1&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a%3AT%3D1603968336%3AS%3DALNI_MbOHLmSbr3ZFBpTq2_R3at5QnhSrQ&bc=31&abxe=1&lmt=1603968340&dt=1603968340642&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=140&adys=787&adks=2855817402&ucis=u&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,FF6600|color_text,,000000|color_url,,FF6600&ifi=31&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=108&icsg=4236130531278850&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=880x407&msz=880x400&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_wpids=UA-124345349-20&fws=0&ohw=0&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

8c10cff694c4205e62d2fbefcba45426e5876dddebc00d92bf465b3dc793f5e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12178
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 330 B
166 B 353ms
353ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=179933718099194&output=ldjh&impl=fif&adsid=NT&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-large-billboard-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=1&rcs=2&prev_scp=iid5%3D472019%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1102%26sap%3D1102%26a%3D%257C2%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D6%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1034%26compid%3D0%26tap%3Dsecurityonline_info-large-billboard-2-472019%26eb_br%3Dc16fac08e79a971524b1c6834f5caad3%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D16%26bvm%3D0%26bvr%3D6%26shp%3D3%26ft%3D1%26br1%3D280%26br2%3D450%26ezoic%3D1%26nmau%3D4%26mau%3D0%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C20%26ax_ssid%3D10082%26lb%3D450%26reqt%3D1603968340646&eri=1&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a%3AT%3D1603968336%3AS%3DALNI_MbOHLmSbr3ZFBpTq2_R3at5QnhSrQ&bc=31&abxe=1&lmt=1603968340&dt=1603968340648&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=1181&adys=2141&adks=4076339080&ucis=v&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,37a5d7|color_text,,000000|color_url,,F0F0F0&ifi=32&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=108&icsg=4236130531278850&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x271&msz=302x264&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_wpids=UA-124345349-20&fws=4&ohw=302&btvi=17&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

4d7dbbe4fbeb51701a9ff7dc04bb0ef354419f4ada3aac91fee163d3fd8116c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 137
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 43 KB
11 KB 219ms
218ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=3898754487206011&output=ldjh&impl=fif&adsid=NT&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-box-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C320x50%7C468x60%7C970x90%7C234x60&fluid=height&ris=4&rcs=1&prev_scp=iid5%3D463318%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1104%26sap%3D1104%26a%3D%257C1%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D4%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D2%26al%3D1002%26compid%3D0%26tap%3Dsecurityonline_info-box-3-463318%26eb_br%3D9e0a1ce5b2455cb9b48d5df4c6bf4053%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D0%26bvm%3D2%26bvr%3D7%26shp%3D1%26ft%3D1%26br1%3D350%26br2%3D350%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%26ax_ssid%3D10082%26lb%3D700%26reqt%3D1603968340651&eri=1&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a%3AT%3D1603968336%3AS%3DALNI_MbOHLmSbr3ZFBpTq2_R3at5QnhSrQ&bc=31&abxe=1&lmt=1603968340&dt=1603968340653&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=141&adys=513&adks=96935267&ucis=w&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,1a0dab|color_text,,545454|color_url,,006621&ifi=33&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=108&icsg=4236130531278850&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=880x99&msz=882x92&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_wpids=UA-124345349-20&fws=4&ohw=882&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

2588986096b4c911239001e4a084763524dd7bc327d9833616b030d9ca286834

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10768
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 army.gif
securityonline.info/porpoiseant/ 43 B
123 B 23ms
23ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDY4MjY4IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1sZWFkZXItMS0wIiwidF9lcG9jaCI6MTYwMzk2ODMzNSwiYWRfcG9zaXRpb24iOjExMDMsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiYmNlMDBmNjktYjlmNi00ODMxLTc3YTktYmYzZWE2YWZkNWQ2IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk3OSwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9zaXplIiwidmFsIjoiWzcyOCw5MF0ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjQ2ODI2OCIsImRvbWFpbl9pZCI6IjEyNDUzMyIsInVuaXQiOiJkaXYtZ3B0LWFkLXNlY3VyaXR5b25saW5lX2luZm8tbGVhZGVyLTEtMCIsInRfZXBvY2giOjE2MDM5NjgzMzUsImFkX3Bvc2l0aW9uIjoxMTAzLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiTkwiLCJwYWdldmlld19pZCI6ImJjZTAwZjY5LWI5ZjYtNDgzMS03N2E5LWJmM2VhNmFmZDVkNiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5NzksImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfZmx1aWQiLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDY4MjY4IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1sZWFkZXItMS0wIiwidF9lcG9jaCI6MTYwMzk2ODMzNSwiYWRfcG9zaXRpb24iOjExMDMsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiYmNlMDBmNjktYjlmNi00ODMxLTc3YTktYmYzZWE2YWZkNWQ2IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk3OSwiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiIxMyJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:40 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:40 UTC

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 318 B
160 B 336ms
335ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=629674652149188&output=ldjh&impl=fif&adsid=NT&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=1&rcs=2&prev_scp=iid5%3D440969%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1107%26sap%3D1107%26a%3D%257C124%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dsecurityonline_info-box-1-440969%26eb_br%3D9e0a1ce5b2455cb9b48d5df4c6bf4053%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D19%26bvm%3D0%26bvr%3D9%26shp%3D3%26acptad%3D1%26ft%3D1%26br1%3D350%26br2%3D450%26ezoic%3D1%26nmau%3D4%26mau%3D3%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%26ax_ssid%3D10082%26lb%3D450%26reqt%3D1603968340671&eri=1&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a%3AT%3D1603968336%3AS%3DALNI_MbOHLmSbr3ZFBpTq2_R3at5QnhSrQ&bc=31&abxe=1&lmt=1603968340&dt=1603968340673&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=1181&adys=1380&adks=2680230968&ucis=x&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,FF0000|color_text,,000000|color_url,,FF0000&ifi=34&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=108&icsg=4236130531278850&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x271&msz=302x264&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_wpids=UA-124345349-20&fws=4&ohw=302&btvi=18&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

be5cbeb8862a915ad88bd2dc542129f3b375953b5dc58ceca3aba55bf7568430

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 318 B
159 B 247ms
246ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=4091127669054737&output=ldjh&impl=fif&adsid=NT&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=1&rcs=2&prev_scp=iid5%3D440969%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1107%26sap%3D1107%26a%3D%257C1%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dsecurityonline_info-box-1-440969%26eb_br%3D9e0a1ce5b2455cb9b48d5df4c6bf4053%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D19%26bvm%3D0%26bvr%3D9%26shp%3D3%26acptad%3D1%26ft%3D1%26br1%3D350%26br2%3D450%26ezoic%3D1%26nmau%3D4%26mau%3D1%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%26ax_ssid%3D10082%26lb%3D450%26reqt%3D1603968340688&eri=1&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a%3AT%3D1603968336%3AS%3DALNI_MbOHLmSbr3ZFBpTq2_R3at5QnhSrQ&bc=31&abxe=1&lmt=1603968340&dt=1603968340690&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=1181&adys=834&adks=520180478&ucis=y&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,1a0dab|color_text,,545454|color_url,,006621&ifi=35&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=108&icsg=4236130531278850&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x271&msz=302x264&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_wpids=UA-124345349-20&fws=4&ohw=302&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

a04041cf77ed8b4f77c1aeabf67bb4199bf563dd6089005816aa26826c882054

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 330 B
166 B 312ms
312ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=1647774572842181&output=ldjh&impl=fif&adsid=NT&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-large-billboard-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=1&rcs=2&prev_scp=iid5%3D472019%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1102%26sap%3D1102%26a%3D%257C5%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D8%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1034%26compid%3D0%26tap%3Dsecurityonline_info-large-billboard-2-472019%26eb_br%3Dc16fac08e79a971524b1c6834f5caad3%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D16%26bvm%3D0%26bvr%3D6%26shp%3D3%26ft%3D1%26br1%3D280%26br2%3D450%26ezoic%3D1%26nmau%3D4%26mau%3D2%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C20%26ax_ssid%3D10082%26lb%3D450%26reqt%3D1603968340705&eri=1&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a%3AT%3D1603968336%3AS%3DALNI_MbOHLmSbr3ZFBpTq2_R3at5QnhSrQ&bc=31&abxe=1&lmt=1603968340&dt=1603968340707&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=1181&adys=2687&adks=185582216&ucis=z&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,20929A|color_text,,000000|color_url,,F0F0F0&ifi=36&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=108&icsg=4236130531278850&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x271&msz=302x264&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_wpids=UA-124345349-20&fws=4&ohw=302&btvi=19&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

aa00013447c8b5f21afc917c72450c52142547c9fef5cf1b5278efdcdaa67fda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 137
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 327 B
174 B 301ms
300ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=2323758558272091&output=ldjh&impl=fif&adsid=NT&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&ris=1&rcs=2&prev_scp=iid5%3D474568%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26a%3D%257C3%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D10%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dsecurityonline_info-medrectangle-2-474568%26eb_br%3D76163170a8636ae5b88417f095893e08%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D3%26bvm%3D0%26bvr%3D8%26shp%3D1%26ft%3D1%26br1%3D400%26br2%3D550%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%26ax_ssid%3D10082%26hb_bidder%3Dix%26hb_adid%3D109d2adc83985e1f%26hb_pb%3D0.00%26hb_format%3Dbanner%26hb_ssid%3D10082%26lb%3D550%26reqt%3D1603968340854&eri=1&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a%3AT%3D1603968336%3AS%3DALNI_MbOHLmSbr3ZFBpTq2_R3at5QnhSrQ&bc=31&abxe=1&lmt=1603968340&dt=1603968340856&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=1102&adks=3873167905&ucis=10&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,0000FF|color_text,,000000|color_url,,828282&ifi=37&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=108&icsg=4236130531278850&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x-1&msz=970x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_wpids=UA-124345349-20&fws=512&ohw=0&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

5e374b643979416f3e31a28d02af093718cdfd2d85f40a1dab8a040110b0bc76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 142
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012010200130000/ Frame BA00 204 KB
56 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2206501c5a898123871431da1a1ff12bcaf46194db997e6c9237296d9859daa

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3393
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56832
x-xss-protection: 0
server: sffe
date: Thu, 29 Oct 2020 09:49:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fc56d6feccb35077"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Oct 2021 09:49:07 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012010200130000/v0/ Frame BA00 14 KB
5 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010200130000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4653687f2f0571ecaf6723d7743f92edf52159c03a8181763cb73031ad8a64bf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3404
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5337
x-xss-protection: 0
server: sffe
date: Thu, 29 Oct 2020 09:48:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "daa4412bcb5a8fd6"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Oct 2021 09:48:56 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012010200130000/v0/ Frame BA00 96 KB
29 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010200130000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c799c0a055898234d3692565188b828d2d41b3056cf5bbd2584e729968829b72

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3403
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29527
x-xss-protection: 0
server: sffe
date: Thu, 29 Oct 2020 09:48:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f91dfcaf1b61c8c5"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Oct 2021 09:48:57 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012010200130000/v0/ Frame BA00 4 KB
2 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010200130000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5c41077aafced98067ed5bad36d0518235b45963f432237d11d8b89c8d00873

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3391
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1792
x-xss-protection: 0
server: sffe
date: Thu, 29 Oct 2020 09:49:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "2c1d882225e4ba30"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Oct 2021 09:49:09 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012010200130000/v0/ Frame BA00 45 KB
14 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010200130000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d8865bb32d3ba618981090df05f9de09607c1f65764a7434016926de0a8fbcd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3391
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14145
x-xss-protection: 0
server: sffe
date: Thu, 29 Oct 2020 09:49:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "88dc985411e715a7"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Oct 2021 09:49:09 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame BA00 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Oct 2020 23:34:24 GMT
x-content-type-options: nosniff
server: cafe
age: 40276
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 29 Oct 2020 23:34:24 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame BA00 295 B
324 B 12ms
11ms Image
image/png 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Oct 2020 21:53:21 GMT
x-content-type-options: nosniff
server: cafe
age: 46339
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 29 Oct 2020 21:53:21 GMT

GET
DATA 200
OK truncated
/ Frame BA00 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7f13e98fe054b3e5b8f13c1a9383dfd74ce426daf28d5f6110072a9498deb82b

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 12189313678753664656
tpc.googlesyndication.com/simgad/ Frame BA00 17 KB
17 KB 13ms
12ms Image
image/png 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12189313678753664656?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnGBN4laIF3KreY2i_vMln4cNcKaw

Requested by

Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61a943a8c41eed9afc4a314af225ef8d76f25fecf0bd42b78f48c69cffa1508e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 11:36:24 GMT
x-content-type-options: nosniff
last-modified: Fri, 07 Aug 2020 00:00:30 GMT
server: sffe
age: 83356
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17353
x-xss-protection: 0
expires: Thu, 28 Oct 2021 11:36:24 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame BA00 0
0 33ms
32ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Ct_j6VJ2aX6G9K-ON7_UP-uyt4AKDmZ7SX5PnlsLGDPvCv-6oHBABIPT5xiVgkYSThfwXoAHNs7-jA8gBAuACAKgDAcgDCKoEvAJP0Lma0F8yC448rHHpbbm8QUSj-pCOqneeU9yHjtvQfR10JLIfwpx3_z5cu2_LvZ69R9Rq11drHDW791TCgzU2W5IFK4y_iPAPflbv0MCt3nK4C2sz-jL7LlFaMKSOxPGWTlk9YCFc4qtiE-xGCbg7sKWVKhKe-z0_5N_Nj8bwWKF7khFx1dNKyuqAW7uPjIglkNN61ihZ8PsQG1rr-XtDJnafmxVC7Mj-yfcmUBpgLLfiHPMYVuhghWJHtWEVvvO-S_ia88O00iSYYne8rKxMZO22AfFWAhPrP6hy2YGboJ8iJ6m9qtzgUQZbxkhSwOj_i4rKqqQQntKODGVx16KJJZAItHU2aaAOFGRfau5KLevlUCI3Bf3UBR-26EdjI72l8-zKsoSkO1C1IaXr_IABpTTWXB-MiLu5zadTwASjoeeuqAPgBAGSBQQIBBgBkgUECAUYBKAGAoAHm8zAXKgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBRDnxZIB0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi00Nzc2MDYzMTU4MjQyNTg4gAoDyAsBsgwUcHViLTYzOTY4NDQ3NDI0OTcyMDjCDAIIAdgTAg&sigh=-Sr0P8MzINE&tpd=AGWhJmse6IelFoeFu5inyqomuoZV12PlUHYoGpUR_Mrppahk-Q
Requested by: Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 28687274 Show response
g.ezoic.net/dac/ 0
40 B 29ms
24ms XHR
text/plain 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/dac/28687274
Requested by: Host: securityonline.info
URL: https://securityonline.info/porpoiseant/banger.js?cb=191-2&bv=90&v=35&PageSpeed=off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:40 GMT
server: nginx/1.16.0
status: 200
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=3600, public
content-length: 0

GET
H2 200 army.gif
securityonline.info/porpoiseant/ 43 B
77 B 27ms
22ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDYzMzE4IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1ib3gtMy0wIiwidF9lcG9jaCI6MTYwMzk2ODMzNSwiYWRfcG9zaXRpb24iOjExMDQsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiYmNlMDBmNjktYjlmNi00ODMxLTc3YTktYmYzZWE2YWZkNWQ2IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDUwNywiZGF0YSI6W3sibmFtZSI6InJlZnJlc2hfY291bnQiLCJ2YWwiOiIyIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI0NjMzMTgiLCJkb21haW5faWQiOiIxMjQ1MzMiLCJ1bml0IjoiZGl2LWdwdC1hZC1zZWN1cml0eW9ubGluZV9pbmZvLWJveC0zLTAiLCJ0X2Vwb2NoIjoxNjAzOTY4MzM1LCJhZF9wb3NpdGlvbiI6MTEwNCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiJiY2UwMGY2OS1iOWY2LTQ4MzEtNzdhOS1iZjNlYTZhZmQ1ZDYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTA3LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2JpZF9oYXNoIiwidmFsIjoiOWUwYTFjZTViMjQ1NWNiOWI0OGQ1ZGY0YzZiZjQwNTMifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjQ2MzMxOCIsImRvbWFpbl9pZCI6IjEyNDUzMyIsInVuaXQiOiJkaXYtZ3B0LWFkLXNlY3VyaXR5b25saW5lX2luZm8tYm94LTMtMCIsInRfZXBvY2giOjE2MDM5NjgzMzUsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMzUsImFkX3Bvc2l0aW9uIjoxMTA0LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MC4wMDM1LCJiaWRfZmxvb3JfcHJldiI6MC4wMDcsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiTkwiLCJwYWdldmlld19pZCI6ImJjZTAwZjY5LWI5ZjYtNDgzMS03N2E5LWJmM2VhNmFmZDVkNiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1MDcsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI0NjMzMTgiLCJkb21haW5faWQiOiIxMjQ1MzMiLCJ1bml0IjoiZGl2LWdwdC1hZC1zZWN1cml0eW9ubGluZV9pbmZvLWJveC0zLTAiLCJ0X2Vwb2NoIjoxNjAzOTY4MzM1LCJhZF9wb3NpdGlvbiI6MTEwNCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiJiY2UwMGY2OS1iOWY2LTQ4MzEtNzdhOS1iZjNlYTZhZmQ1ZDYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTA3LCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgzMTAwMzQ1MDcifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjQ2MzMxOCIsImRvbWFpbl9pZCI6IjEyNDUzMyIsInVuaXQiOiJkaXYtZ3B0LWFkLXNlY3VyaXR5b25saW5lX2luZm8tYm94LTMtMCIsInRfZXBvY2giOjE2MDM5NjgzMzUsImFkX3Bvc2l0aW9uIjoxMTA0LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiTkwiLCJwYWdldmlld19pZCI6ImJjZTAwZjY5LWI5ZjYtNDgzMS03N2E5LWJmM2VhNmFmZDVkNiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1MDcsImRhdGEiOlt7Im5hbWUiOiJsaW5laXRlbV9pZCIsInZhbCI6IjI4Njg3Mjc0In1dLCJpc19vcmlnIjpmYWxzZX1d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:40 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:40 UTC

GET
H2 200 army.gif
securityonline.info/porpoiseant/ 43 B
77 B 27ms
22ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDYzMzE4IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1ib3gtMy0wIiwidF9lcG9jaCI6MTYwMzk2ODMzNSwiYWRfcG9zaXRpb24iOjExMDQsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiYmNlMDBmNjktYjlmNi00ODMxLTc3YTktYmYzZWE2YWZkNWQ2IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDUwNywiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjAtMTAtMjkifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIxMSJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiI0In0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii02MCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:40 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:40 UTC

GET
H2 200 army.gif
securityonline.info/porpoiseant/ 43 B
77 B 27ms
23ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNDYzMzE4IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1ib3gtMy0wIiwidF9lcG9jaCI6MTYwMzk2ODMzNSwiYXVjdGlvbl9lcG9jaCI6MTYwMzk2ODM0MSwiYWRfcG9zaXRpb24iOjExMDQsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiJiY2UwMGY2OS1iOWY2LTQ4MzEtNzdhOS1iZjNlYTZhZmQ1ZDYiLCJiaWRfZmxvb3JfaW5pdGlhbCI6NzAwLCJiaWRfZmxvb3JfcHJldiI6NzAwLCJiaWRfZmxvb3JfZmlsbGVkIjozNTAsImF1Y3Rpb25fY291bnQiOjIsInJlZnJlc2hfYWRfY291bnQiOjAsImF1Y3Rpb25fZHVyYXRpb24iOjIzMSwibXVsdGlfYWRfdW5pdCI6MCwibXVsdGlfYWRfY291bnQiOjAsIm5ldHdvcmtfY29kZSI6MTI1NDE0NCwiZGF0YSI6W3sibmFtZSI6IiIsInZhbCI6IiJ9XSwibGluZV9pdGVtX2lkIjoyODY4NzI3NH1d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:40 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:40 UTC

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame BA00
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

38ms
38ms

Image
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Thu, 29 Oct 2020 10:45:40 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 331 B
166 B 174ms
174ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=2163971525149866&output=ldjh&impl=fif&adsid=NT&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-large-billboard-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=1&rcs=3&prev_scp=iid5%3D472019%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1102%26sap%3D1102%26a%3D%257C6%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D9%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1034%26compid%3D0%26tap%3Dsecurityonline_info-large-billboard-2-472019%26eb_br%3Daf063c244089b52ec5a0423a258f1f8e%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D16%26bvm%3D0%26bvr%3D6%26shp%3D3%26ft%3D1%26br1%3D140%26br2%3D450%26ezoic%3D1%26nmau%3D4%26mau%3D3%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C20%2C17%2C20%26ax_ssid%3D10082%26lb%3D280%26reqt%3D1603968341021&eri=1&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a%3AT%3D1603968336%3AS%3DALNI_MbOHLmSbr3ZFBpTq2_R3at5QnhSrQ&bc=31&abxe=1&lmt=1603968341&dt=1603968341024&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=1181&adys=2960&adks=527514099&ucis=11&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,858585|color_text,,000000|color_url,,F0F0F0&ifi=38&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=107&icsg=4236130531278850&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x271&msz=302x264&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_wpids=UA-124345349-20&fws=4&ohw=302&btvi=20&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

4482526df917b74b50a7a3daf3d801d2e7232c64fcae8efeee2ff06c142b35fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 137
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012010200130000/ Frame E201 204 KB
56 KB 40ms
24ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2206501c5a898123871431da1a1ff12bcaf46194db997e6c9237296d9859daa

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3394
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56832
x-xss-protection: 0
server: sffe
date: Thu, 29 Oct 2020 09:49:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fc56d6feccb35077"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Oct 2021 09:49:07 GMT

GET
H3-Q050 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012010200130000/v0/ Frame E201 14 KB
5 KB 40ms
26ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010200130000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4653687f2f0571ecaf6723d7743f92edf52159c03a8181763cb73031ad8a64bf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3405
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5337
x-xss-protection: 0
server: sffe
date: Thu, 29 Oct 2020 09:48:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "daa4412bcb5a8fd6"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Oct 2021 09:48:56 GMT

GET
H3-Q050 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012010200130000/v0/ Frame E201 96 KB
30 KB 35ms
21ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010200130000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c799c0a055898234d3692565188b828d2d41b3056cf5bbd2584e729968829b72

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3404
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29527
x-xss-protection: 0
server: sffe
date: Thu, 29 Oct 2020 09:48:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f91dfcaf1b61c8c5"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Oct 2021 09:48:57 GMT

GET
H3-Q050 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012010200130000/v0/ Frame E201 4 KB
2 KB 38ms
24ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010200130000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5c41077aafced98067ed5bad36d0518235b45963f432237d11d8b89c8d00873

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3392
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1792
x-xss-protection: 0
server: sffe
date: Thu, 29 Oct 2020 09:49:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "2c1d882225e4ba30"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Oct 2021 09:49:09 GMT

GET
H3-Q050 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012010200130000/v0/ Frame E201 45 KB
14 KB 38ms
24ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010200130000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d8865bb32d3ba618981090df05f9de09607c1f65764a7434016926de0a8fbcd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3392
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14145
x-xss-protection: 0
server: sffe
date: Thu, 29 Oct 2020 09:49:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "88dc985411e715a7"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Oct 2021 09:49:09 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E201 7 KB
824 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=en

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d3838febe02ee1538a1336ac01f452a6fe7682106cd21b46cda9c40092c8e3aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 29 Oct 2020 09:36:41 GMT
server: ESF
date: Thu, 29 Oct 2020 10:45:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Oct 2020 10:45:41 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E201 5 KB
738 B 22ms
21ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&text=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4a7b4babd8d76af2ddc0840bda733cd5a0b409895bb74d5302ff1155c9b32bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 29 Oct 2020 08:57:08 GMT
server: ESF
date: Thu, 29 Oct 2020 10:45:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Oct 2020 10:45:41 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E201 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Oct 2020 23:34:24 GMT
x-content-type-options: nosniff
server: cafe
age: 40277
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 29 Oct 2020 23:34:24 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E201 295 B
324 B 7ms
6ms Image
image/png 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Oct 2020 21:53:21 GMT
x-content-type-options: nosniff
server: cafe
age: 46340
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 29 Oct 2020 21:53:21 GMT

GET
DATA 200
OK truncated
/ Frame E201 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d40095f232395afb1c827c9c159059266440f144e6d8c5ec830d7f1c6e4a04f2

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/14065169474590120538/ Frame E201 66 KB
66 KB 10ms
9ms Image
image/jpeg 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14065169474590120538/downsize_200k_v1?sqp=4sqPyQSLAUKIAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-Mg8I2AQQugIYASABLQAAAD8&rs=AOga4qmp6QCwoTi-T2IoJRbxir8twE2cmw

Requested by

Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8938ef87d3b395c000d1facf39fdb9a8b14160614682964fce8506130773828c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 15:33:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 30 Aug 2020 07:48:41 GMT
server: sffe
age: 69112
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67395
x-xss-protection: 0
expires: Thu, 28 Oct 2021 15:33:49 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/14885163783912385153/ Frame E201 7 KB
8 KB 9ms
8ms Image
image/png 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14885163783912385153/downsize_200k_v1?sqp=4sqPyQSLAUKIAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-Mg8I2AQQ2AQYASABLQAAAD8&rs=AOga4qkVRZxpfykvJbZkHOKQE6_l8PO9-g

Requested by

Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

372babe9a423bc48c73277d43a1ce39e02ec0a9daa2c9ffa8a1603215d00b187

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 05:00:41 GMT
x-content-type-options: nosniff
last-modified: Fri, 13 Jul 2018 18:37:29 GMT
server: sffe
age: 20700
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7653
x-xss-protection: 0
expires: Fri, 29 Oct 2021 05:00:41 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E201 0
0 35ms
34ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cp9GPVJ2aX_zYKq6O7_UPvdWS4AHYifLwX-fg3JbSDLi5sv2zIRABIPT5xiVgkYSThfwXoAGuksDLA8gBBuACAKgDAcgDCqoEvwJP0HIouodx1G5s1m2TzR0mcis2zC7EIPx8jkTo3WiPWYxddzScFtylEgvFSLD98UUxfVFAPxReNLsDhL9A-no8vJSEFnj6MV1GQLDh98p7tT7NEuKYNItDWi7rpnSDwpStwt9Z7ymdkCpsc0Z-JYio2RkHkM1xnzGF2omdur7jRRDwu_FlHNQX921ZM1FuXtMD-ETMiRNfW49pOld3vV7LMvGMTuBkoRDvKqLZiSam3I8LzdzTxkj1cwsATbgZAFykVM_dlNPO6PKGFITtmWBfEny_LHavTSyaJJHpGshjfLipopOk-vbxopVB1vQCMTOhGL2DmGxVBe84adsuGUgmoSMchngeKychW4rUkScHJtghleL0HFwP9SDjNgUExHoLHR-dQlf2ydxpHsu8nkkIyHSakpNTqupTxdzDni05wAS955j2igPgBAGSBQQIBBgBkgUECAUYBKAGN4AHuu2_NKgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBDHmUPSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTQ3NzYwNjMxNTgyNDI1ODiACgPICwGyDBRwdWItNjM5Njg0NDc0MjQ5NzIwOMIMAggB2BMM&sigh=2igwezJ7ip4&template_id=492&tpd=AGWhJms1bTQKmx48tTBO1EdnVoR4t8SNbkN_iiSpbBX521HSAg
Requested by: Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame E201 0
0 15ms
14ms Image
text/html 2a00:1450:4001:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ-j-B8QHX-MqA1f94x9zypHQp3Fc_IAE6WuEKSlmP-cxMc5YRNn37aFhCTei-_d6CmFkl5FMJbXdXU0-RB8arjDKZgXQ
Requested by: Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 28687274 Show response
g.ezoic.net/dac/ 0
40 B 28ms
26ms XHR
text/plain 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/dac/28687274
Requested by: Host: securityonline.info
URL: https://securityonline.info/porpoiseant/banger.js?cb=191-2&bv=90&v=35&PageSpeed=off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:41 GMT
server: nginx/1.16.0
status: 200
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=3600, public
content-length: 0

GET
H2 200 army.gif
securityonline.info/porpoiseant/ 43 B
77 B 26ms
23ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDY1NDE2IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1tZWRyZWN0YW5nbGUtMy0wIiwidF9lcG9jaCI6MTYwMzk2ODMzNSwiYWRfcG9zaXRpb24iOjExMTIsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiYmNlMDBmNjktYjlmNi00ODMxLTc3YTktYmYzZWE2YWZkNWQ2IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk4OCwiZGF0YSI6W3sibmFtZSI6InJlZnJlc2hfY291bnQiLCJ2YWwiOiIzIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI0NjU0MTYiLCJkb21haW5faWQiOiIxMjQ1MzMiLCJ1bml0IjoiZGl2LWdwdC1hZC1zZWN1cml0eW9ubGluZV9pbmZvLW1lZHJlY3RhbmdsZS0zLTAiLCJ0X2Vwb2NoIjoxNjAzOTY4MzM1LCJhZF9wb3NpdGlvbiI6MTExMiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiJiY2UwMGY2OS1iOWY2LTQ4MzEtNzdhOS1iZjNlYTZhZmQ1ZDYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwNDE2OTg4LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2JpZF9oYXNoIiwidmFsIjoiOWFlNTg3Zjk1ZTk1Yzg3NmI3Yjc2ZmQ0YzcyYTM4MzgifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjQ2NTQxNiIsImRvbWFpbl9pZCI6IjEyNDUzMyIsInVuaXQiOiJkaXYtZ3B0LWFkLXNlY3VyaXR5b25saW5lX2luZm8tbWVkcmVjdGFuZ2xlLTMtMCIsInRfZXBvY2giOjE2MDM5NjgzMzUsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMTgsImFkX3Bvc2l0aW9uIjoxMTEyLCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MC4wMDE4LCJiaWRfZmxvb3JfcHJldiI6MC4wMDUsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiTkwiLCJwYWdldmlld19pZCI6ImJjZTAwZjY5LWI5ZjYtNDgzMS03N2E5LWJmM2VhNmFmZDVkNiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI0NjU0MTYiLCJkb21haW5faWQiOiIxMjQ1MzMiLCJ1bml0IjoiZGl2LWdwdC1hZC1zZWN1cml0eW9ubGluZV9pbmZvLW1lZHJlY3RhbmdsZS0zLTAiLCJ0X2Vwb2NoIjoxNjAzOTY4MzM1LCJhZF9wb3NpdGlvbiI6MTExMiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiJiY2UwMGY2OS1iOWY2LTQ4MzEtNzdhOS1iZjNlYTZhZmQ1ZDYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwNDE2OTg4LCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgzMTA0MTY5ODgifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjQ2NTQxNiIsImRvbWFpbl9pZCI6IjEyNDUzMyIsInVuaXQiOiJkaXYtZ3B0LWFkLXNlY3VyaXR5b25saW5lX2luZm8tbWVkcmVjdGFuZ2xlLTMtMCIsInRfZXBvY2giOjE2MDM5NjgzMzUsImFkX3Bvc2l0aW9uIjoxMTEyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiTkwiLCJwYWdldmlld19pZCI6ImJjZTAwZjY5LWI5ZjYtNDgzMS03N2E5LWJmM2VhNmFmZDVkNiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJsaW5laXRlbV9pZCIsInZhbCI6IjI4Njg3Mjc0In1dLCJpc19vcmlnIjpmYWxzZX1d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:41 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:41 UTC

GET
H2 200 army.gif
securityonline.info/porpoiseant/ 43 B
123 B 24ms
22ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDY1NDE2IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1tZWRyZWN0YW5nbGUtMy0wIiwidF9lcG9jaCI6MTYwMzk2ODMzNSwiYWRfcG9zaXRpb24iOjExMTIsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiYmNlMDBmNjktYjlmNi00ODMxLTc3YTktYmYzZWE2YWZkNWQ2IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk4OCwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjAtMTAtMjkifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIxMSJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiI0In0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii02MCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:41 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:41 UTC

GET
H2 200 army.gif
securityonline.info/porpoiseant/ 43 B
77 B 25ms
23ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNDY1NDE2IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1tZWRyZWN0YW5nbGUtMy0wIiwidF9lcG9jaCI6MTYwMzk2ODMzNSwiYXVjdGlvbl9lcG9jaCI6MTYwMzk2ODM0MSwiYWRfcG9zaXRpb24iOjExMTIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiJiY2UwMGY2OS1iOWY2LTQ4MzEtNzdhOS1iZjNlYTZhZmQ1ZDYiLCJiaWRfZmxvb3JfaW5pdGlhbCI6MTAwMCwiYmlkX2Zsb29yX3ByZXYiOjUwMCwiYmlkX2Zsb29yX2ZpbGxlZCI6MTgwLCJhdWN0aW9uX2NvdW50IjozLCJyZWZyZXNoX2FkX2NvdW50IjowLCJhdWN0aW9uX2R1cmF0aW9uIjo0MDEsIm11bHRpX2FkX3VuaXQiOjAsIm11bHRpX2FkX2NvdW50IjowLCJuZXR3b3JrX2NvZGUiOjEyNTQxNDQsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV0sImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzR9XQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:41 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:41 UTC

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame E201 11 KB
11 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://securityonline.info
Referer: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=en
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 11:20:33 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 84308
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Thu, 28 Oct 2021 11:20:33 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame E201 11 KB
11 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://securityonline.info
Referer: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=en
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 11:20:33 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 84308
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Thu, 28 Oct 2021 11:20:33 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 334 B
163 B 313ms
312ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=2819365068871069&output=ldjh&impl=fif&adsid=NT&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-large-mobile-banner-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C320x50%7C468x60%7C970x90%7C234x60&fluid=height&ris=1&rcs=3&prev_scp=iid5%3D460618%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1105%26sap%3D1105%26a%3D%257C6%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D12%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D704%26al%3D1704%26compid%3D0%26tap%3Dsecurityonline_info-large-mobile-banner-1-460618%26eb_br%3D9e0a1ce5b2455cb9b48d5df4c6bf4053%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D28%26bvm%3D2%26bvr%3D5%26shp%3D1%26ft%3D1%26br1%3D350%26br2%3D550%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%26ax_ssid%3D10082%26lb%3D450%26reqt%3D1603968341119&eri=1&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a%3AT%3D1603968336%3AS%3DALNI_MbOHLmSbr3ZFBpTq2_R3at5QnhSrQ&bc=31&abxe=1&lmt=1603968341&dt=1603968341120&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=141&adys=4308&adks=3089213337&ucis=12&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,858585|color_text,,000000|color_url,,F0F0F0&ifi=39&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=106&icsg=4236130531278850&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=980x98&msz=982x92&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_wpids=UA-124345349-20&fws=4&ohw=982&btvi=21&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

021cf9ce6e33bcbad948036d79073eeda3b73c1c351cc908c061e6ffb53b5606

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 134
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame E201
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

42ms
41ms

Image
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Thu, 29 Oct 2020 10:45:41 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 319 B
159 B 174ms
173ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=701640802574657&output=ldjh&impl=fif&adsid=NT&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=1&rcs=3&prev_scp=iid5%3D440969%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1107%26sap%3D1107%26a%3D%257C5%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dsecurityonline_info-box-1-440969%26eb_br%3D43aa1607a0c08c74b14a9039e7b909b4%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D19%26bvm%3D0%26bvr%3D9%26shp%3D3%26acptad%3D1%26ft%3D1%26br1%3D220%26br2%3D450%26ezoic%3D1%26nmau%3D4%26mau%3D0%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C20%26ax_ssid%3D10082%26lb%3D350%26reqt%3D1603968341147&eri=1&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a%3AT%3D1603968336%3AS%3DALNI_MbOHLmSbr3ZFBpTq2_R3at5QnhSrQ&bc=31&abxe=1&lmt=1603968341&dt=1603968341148&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=1181&adys=561&adks=4286431424&ucis=13&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,20929A|color_text,,000000|color_url,,F0F0F0&ifi=40&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=106&icsg=4236130531278850&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x271&msz=302x264&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_wpids=UA-124345349-20&fws=4&ohw=302&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

9dc55f663f6facc09a8e48b440d941a87d29c6041237e8be845ee66893fbba3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 331 B
166 B 300ms
299ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=1202595707018065&output=ldjh&impl=fif&adsid=NT&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-large-billboard-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=1&rcs=3&prev_scp=iid5%3D472019%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1102%26sap%3D1102%26a%3D%257C3%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D7%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1034%26compid%3D0%26tap%3Dsecurityonline_info-large-billboard-2-472019%26eb_br%3Daf063c244089b52ec5a0423a258f1f8e%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D16%26bvm%3D0%26bvr%3D6%26shp%3D3%26ft%3D1%26br1%3D140%26br2%3D450%26ezoic%3D1%26nmau%3D4%26mau%3D1%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C20%2C17%2C20%26ax_ssid%3D10082%26lb%3D280%26reqt%3D1603968341152&eri=1&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a%3AT%3D1603968336%3AS%3DALNI_MbOHLmSbr3ZFBpTq2_R3at5QnhSrQ&bc=31&abxe=1&lmt=1603968341&dt=1603968341154&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=1181&adys=2414&adks=2226679626&ucis=14&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,0000FF|color_text,,000000|color_url,,828282&ifi=41&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=106&icsg=4236130531278850&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x271&msz=302x264&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_wpids=UA-124345349-20&fws=4&ohw=302&btvi=22&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

cf8050d77cabaaa8a72fdb2357cc14768190e0085297fdfff386f4af7b06ed04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 137
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 319 B
160 B 175ms
175ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=431809554902518&output=ldjh&impl=fif&adsid=NT&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=1&rcs=3&prev_scp=iid5%3D440969%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1107%26sap%3D1107%26a%3D%257C252%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dsecurityonline_info-box-1-440969%26eb_br%3D43aa1607a0c08c74b14a9039e7b909b4%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D19%26bvm%3D0%26bvr%3D9%26shp%3D3%26acptad%3D1%26ft%3D1%26br1%3D220%26br2%3D450%26ezoic%3D1%26nmau%3D4%26mau%3D2%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C20%26ax_ssid%3D10082%26lb%3D350%26reqt%3D1603968341171&eri=1&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a%3AT%3D1603968336%3AS%3DALNI_MbOHLmSbr3ZFBpTq2_R3at5QnhSrQ&bc=31&abxe=1&lmt=1603968341&dt=1603968341174&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=1181&adys=1107&adks=3926214249&ucis=15&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,FF6600|color_text,,000000|color_url,,FF6600&ifi=42&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=106&icsg=4236130531278850&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x271&msz=302x264&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_wpids=UA-124345349-20&fws=4&ohw=302&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

d701b349124e46f0f6738b2712c1daf8d1499b2940f7a8abbfc720448f5945e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 331 B
171 B 213ms
213ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=1264456001829345&output=ldjh&impl=fif&adsid=NT&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-large-billboard-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=1&rcs=3&prev_scp=iid5%3D472019%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1102%26sap%3D1102%26a%3D%257C2%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D6%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1034%26compid%3D0%26tap%3Dsecurityonline_info-large-billboard-2-472019%26eb_br%3Daf063c244089b52ec5a0423a258f1f8e%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D16%26bvm%3D0%26bvr%3D6%26shp%3D3%26ft%3D1%26br1%3D140%26br2%3D450%26ezoic%3D1%26nmau%3D4%26mau%3D0%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C20%2C17%2C20%26ax_ssid%3D10082%26lb%3D280%26reqt%3D1603968341178&eri=1&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a%3AT%3D1603968336%3AS%3DALNI_MbOHLmSbr3ZFBpTq2_R3at5QnhSrQ&bc=31&abxe=1&lmt=1603968341&dt=1603968341180&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=1181&adys=2141&adks=4076339080&ucis=16&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,37a5d7|color_text,,000000|color_url,,F0F0F0&ifi=43&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=106&icsg=4236130531278850&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x271&msz=302x264&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_wpids=UA-124345349-20&fws=4&ohw=302&btvi=23&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

82e768572a1b1cf224db10cc21e6960171010984d927f40d11999d30af6185eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 138
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 319 B
160 B 223ms
222ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=84666951599493&output=ldjh&impl=fif&adsid=NT&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=1&rcs=3&prev_scp=iid5%3D440969%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1107%26sap%3D1107%26a%3D%257C124%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dsecurityonline_info-box-1-440969%26eb_br%3D43aa1607a0c08c74b14a9039e7b909b4%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D19%26bvm%3D0%26bvr%3D9%26shp%3D3%26acptad%3D1%26ft%3D1%26br1%3D220%26br2%3D450%26ezoic%3D1%26nmau%3D4%26mau%3D3%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C20%26ax_ssid%3D10082%26lb%3D350%26reqt%3D1603968341187&eri=1&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a%3AT%3D1603968336%3AS%3DALNI_MbOHLmSbr3ZFBpTq2_R3at5QnhSrQ&bc=31&abxe=1&lmt=1603968341&dt=1603968341189&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=1181&adys=1380&adks=2680230968&ucis=17&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,FF0000|color_text,,000000|color_url,,FF0000&ifi=44&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=106&icsg=4236130531278850&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x271&msz=302x264&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_wpids=UA-124345349-20&fws=4&ohw=302&btvi=24&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

68fd7158e21d9af1c3351376054939421ded0636cfbedff658974049e69f6ad8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/14065169474590120538/ Frame E201 66 KB
66 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8938ef87d3b395c000d1facf39fdb9a8b14160614682964fce8506130773828c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 15:33:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 30 Aug 2020 07:48:41 GMT
server: sffe
age: 69112
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67395
x-xss-protection: 0
expires: Thu, 28 Oct 2021 15:33:49 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/14885163783912385153/ Frame E201 7 KB
7 KB 7ms
6ms Image
image/png 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

372babe9a423bc48c73277d43a1ce39e02ec0a9daa2c9ffa8a1603215d00b187

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 05:00:41 GMT
x-content-type-options: nosniff
last-modified: Fri, 13 Jul 2018 18:37:29 GMT
server: sffe
age: 20700
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7653
x-xss-protection: 0
expires: Fri, 29 Oct 2021 05:00:41 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E201 2 KB
2 KB 8ms
7ms Image
image/png 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Oct 2020 23:34:24 GMT
x-content-type-options: nosniff
server: cafe
age: 40277
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 29 Oct 2020 23:34:24 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E201 295 B
319 B 8ms
8ms Image
image/png 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Oct 2020 21:53:21 GMT
x-content-type-options: nosniff
server: cafe
age: 46340
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 29 Oct 2020 21:53:21 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 319 B
160 B 239ms
238ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=3975120407309434&output=ldjh&impl=fif&adsid=NT&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=1&rcs=3&prev_scp=iid5%3D440969%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1107%26sap%3D1107%26a%3D%257C1%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dsecurityonline_info-box-1-440969%26eb_br%3D43aa1607a0c08c74b14a9039e7b909b4%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D19%26bvm%3D0%26bvr%3D9%26shp%3D3%26acptad%3D1%26ft%3D1%26br1%3D220%26br2%3D450%26ezoic%3D1%26nmau%3D4%26mau%3D1%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C20%26ax_ssid%3D10082%26lb%3D350%26reqt%3D1603968341205&eri=1&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a%3AT%3D1603968336%3AS%3DALNI_MbOHLmSbr3ZFBpTq2_R3at5QnhSrQ&bc=31&abxe=1&lmt=1603968341&dt=1603968341207&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=1181&adys=834&adks=520180478&ucis=18&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,1a0dab|color_text,,545454|color_url,,006621&ifi=45&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=106&icsg=4236130531278850&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x271&msz=302x264&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_wpids=UA-124345349-20&fws=4&ohw=302&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

9242e26592a6086d03a8dbec9cffe881c478d57f860d5595f0d55c31d04c8d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 331 B
167 B 215ms
214ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=4232980370587948&output=ldjh&impl=fif&adsid=NT&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-large-billboard-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=1&rcs=3&prev_scp=iid5%3D472019%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1102%26sap%3D1102%26a%3D%257C5%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D8%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1034%26compid%3D0%26tap%3Dsecurityonline_info-large-billboard-2-472019%26eb_br%3Daf063c244089b52ec5a0423a258f1f8e%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D16%26bvm%3D0%26bvr%3D6%26shp%3D3%26ft%3D1%26br1%3D140%26br2%3D450%26ezoic%3D1%26nmau%3D4%26mau%3D2%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C20%2C17%2C20%26ax_ssid%3D10082%26lb%3D280%26reqt%3D1603968341222&eri=1&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a%3AT%3D1603968336%3AS%3DALNI_MbOHLmSbr3ZFBpTq2_R3at5QnhSrQ&bc=31&abxe=1&lmt=1603968341&dt=1603968341224&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=1181&adys=2687&adks=185582216&ucis=19&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,20929A|color_text,,000000|color_url,,F0F0F0&ifi=46&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=106&icsg=4236130531278850&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x271&msz=302x264&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_wpids=UA-124345349-20&fws=4&ohw=302&btvi=25&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

7cfa02ebdb54b9a6b545ab4a4b671041749c34435a7666528216ce80dadd1be8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 138
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 327 B
172 B 203ms
203ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=3522755835870484&output=ldjh&impl=fif&adsid=NT&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&ris=1&rcs=3&prev_scp=iid5%3D474568%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26a%3D%257C3%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D10%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dsecurityonline_info-medrectangle-2-474568%26eb_br%3D8de2c8ca79e8623e3cb37120a35ebaa2%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D3%26bvm%3D0%26bvr%3D8%26shp%3D1%26ft%3D1%26br1%3D240%26br2%3D550%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C20%26ax_ssid%3D10082%26hb_bidder%3Dix%26hb_adid%3D109d2adc83985e1f%26hb_pb%3D0.00%26hb_format%3Dbanner%26hb_ssid%3D10082%26lb%3D400%26reqt%3D1603968341371&eri=1&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a%3AT%3D1603968336%3AS%3DALNI_MbOHLmSbr3ZFBpTq2_R3at5QnhSrQ&bc=31&abxe=1&lmt=1603968341&dt=1603968341374&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=1102&adks=3873167905&ucis=1a&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,0000FF|color_text,,000000|color_url,,828282&ifi=47&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=106&icsg=4236130531278850&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x-1&msz=970x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_wpids=UA-124345349-20&fws=512&ohw=0&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

2249272049d3442b6bf5eb32958a4730e26ed5ccf42985804552efc173c9ae0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 140
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 331 B
167 B 212ms
212ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=1789549033419298&output=ldjh&impl=fif&adsid=NT&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-large-billboard-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=1&rcs=4&prev_scp=iid5%3D472019%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1102%26sap%3D1102%26a%3D%257C6%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D5%26at%3Dmbf%26adr%3D399%26ezosn%3D9%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1034%26compid%3D0%26tap%3Dsecurityonline_info-large-billboard-2-472019%26eb_br%3D3ba982fc4238dd4197b1d51b345478dc%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D16%26bvm%3D0%26bvr%3D6%26shp%3D3%26ft%3D1%26br1%3D50%26br2%3D450%26ezoic%3D1%26nmau%3D4%26mau%3D3%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C20%2C17%2C20%2C17%2C19%2C20%26ax_ssid%3D10082%26lb%3D140%26reqt%3D1603968341538&eri=1&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a%3AT%3D1603968336%3AS%3DALNI_MbOHLmSbr3ZFBpTq2_R3at5QnhSrQ&bc=31&abxe=1&lmt=1603968341&dt=1603968341540&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=1181&adys=2960&adks=527514099&ucis=1b&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,858585|color_text,,000000|color_url,,F0F0F0&ifi=48&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=106&icsg=4236130531278850&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x271&msz=302x264&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_wpids=UA-124345349-20&fws=4&ohw=302&btvi=26&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

c23077a2766961aa754391d20fbcb5b23ca129071ff0e02a8f83f9ab00c5e8fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 138
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 334 B
164 B 545ms
544ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=1073898316098627&output=ldjh&impl=fif&adsid=NT&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-large-mobile-banner-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C320x50%7C468x60%7C970x90%7C234x60&fluid=height&ris=1&rcs=4&prev_scp=iid5%3D460618%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1105%26sap%3D1105%26a%3D%257C6%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D5%26at%3Dmbf%26adr%3D399%26ezosn%3D12%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D704%26al%3D1704%26compid%3D0%26tap%3Dsecurityonline_info-large-mobile-banner-1-460618%26eb_br%3D90c3c48d0172916d27c102ea4aa9d49c%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D28%26bvm%3D2%26bvr%3D5%26shp%3D1%26ft%3D1%26br1%3D300%26br2%3D550%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%26ax_ssid%3D10082%26lb%3D350%26reqt%3D1603968341638&eri=1&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a%3AT%3D1603968336%3AS%3DALNI_MbOHLmSbr3ZFBpTq2_R3at5QnhSrQ&bc=31&abxe=1&lmt=1603968341&dt=1603968341641&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=141&adys=4308&adks=3089213337&ucis=1c&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,858585|color_text,,000000|color_url,,F0F0F0&ifi=49&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=106&icsg=4236130531278850&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=980x98&msz=982x92&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_wpids=UA-124345349-20&fws=4&ohw=982&btvi=27&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

8c192c9a6a469f08ad42b2a1f944d6eb733d4f47414a210b7ca5abc9b318cc36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:42 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 319 B
160 B 179ms
179ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=2679359685096327&output=ldjh&impl=fif&adsid=NT&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=1&rcs=4&prev_scp=iid5%3D440969%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1107%26sap%3D1107%26a%3D%257C5%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D5%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dsecurityonline_info-box-1-440969%26eb_br%3D58ef7bddb438af5e257c4377f32c243a%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D19%26bvm%3D0%26bvr%3D9%26shp%3D3%26acptad%3D1%26ft%3D1%26br1%3D120%26br2%3D450%26ezoic%3D1%26nmau%3D4%26mau%3D0%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C20%2C17%2C20%26ax_ssid%3D10082%26lb%3D220%26reqt%3D1603968341654&eri=1&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a%3AT%3D1603968336%3AS%3DALNI_MbOHLmSbr3ZFBpTq2_R3at5QnhSrQ&bc=31&abxe=1&lmt=1603968341&dt=1603968341656&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=1181&adys=561&adks=4286431424&ucis=1d&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,20929A|color_text,,000000|color_url,,F0F0F0&ifi=50&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=106&icsg=4236130531278850&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x271&msz=302x264&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_wpids=UA-124345349-20&fws=4&ohw=302&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

6a9624a8cbc97a006cefd84531522a7fc114ce35a59fef3101b3071ccca54b0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 331 B
167 B 200ms
199ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=116407714814617&output=ldjh&impl=fif&adsid=NT&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-large-billboard-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=1&rcs=4&prev_scp=iid5%3D472019%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1102%26sap%3D1102%26a%3D%257C3%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D5%26at%3Dmbf%26adr%3D399%26ezosn%3D7%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1034%26compid%3D0%26tap%3Dsecurityonline_info-large-billboard-2-472019%26eb_br%3D3ba982fc4238dd4197b1d51b345478dc%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D16%26bvm%3D0%26bvr%3D6%26shp%3D3%26ft%3D1%26br1%3D50%26br2%3D450%26ezoic%3D1%26nmau%3D4%26mau%3D1%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C20%2C17%2C20%2C17%2C19%2C20%26ax_ssid%3D10082%26lb%3D140%26reqt%3D1603968341671&eri=1&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a%3AT%3D1603968336%3AS%3DALNI_MbOHLmSbr3ZFBpTq2_R3at5QnhSrQ&bc=31&abxe=1&lmt=1603968341&dt=1603968341673&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=1181&adys=2414&adks=2226679626&ucis=1e&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,0000FF|color_text,,000000|color_url,,828282&ifi=51&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=106&icsg=4236130531278850&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x271&msz=302x264&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_wpids=UA-124345349-20&fws=4&ohw=302&btvi=28&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

babd6c5725b7b3f050f769101c40918bdfdbb92911e0b7d0f5e34c2e00237e28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 138
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 319 B
160 B 206ms
206ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=3304532272290624&output=ldjh&impl=fif&adsid=NT&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=1&rcs=4&prev_scp=iid5%3D440969%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1107%26sap%3D1107%26a%3D%257C252%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D5%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dsecurityonline_info-box-1-440969%26eb_br%3D58ef7bddb438af5e257c4377f32c243a%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D19%26bvm%3D0%26bvr%3D9%26shp%3D3%26acptad%3D1%26ft%3D1%26br1%3D120%26br2%3D450%26ezoic%3D1%26nmau%3D4%26mau%3D2%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C20%2C17%2C20%26ax_ssid%3D10082%26lb%3D220%26reqt%3D1603968341687&eri=1&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a%3AT%3D1603968336%3AS%3DALNI_MbOHLmSbr3ZFBpTq2_R3at5QnhSrQ&bc=31&abxe=1&lmt=1603968341&dt=1603968341689&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=1181&adys=1107&adks=3926214249&ucis=1f&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,FF6600|color_text,,000000|color_url,,FF6600&ifi=52&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=106&icsg=4236130531278850&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x271&msz=302x264&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_wpids=UA-124345349-20&fws=4&ohw=302&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

2d7d77f54dcfac81411871bf636df7e5b948e7044ea1cd2f71f9be5d90ae14b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 331 B
167 B 236ms
236ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=4462760611100140&output=ldjh&impl=fif&adsid=NT&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-large-billboard-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=1&rcs=4&prev_scp=iid5%3D472019%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1102%26sap%3D1102%26a%3D%257C2%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D5%26at%3Dmbf%26adr%3D399%26ezosn%3D6%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1034%26compid%3D0%26tap%3Dsecurityonline_info-large-billboard-2-472019%26eb_br%3D3ba982fc4238dd4197b1d51b345478dc%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D16%26bvm%3D0%26bvr%3D6%26shp%3D3%26ft%3D1%26br1%3D50%26br2%3D450%26ezoic%3D1%26nmau%3D4%26mau%3D0%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C20%2C17%2C20%2C17%2C19%2C20%26ax_ssid%3D10082%26lb%3D140%26reqt%3D1603968341692&eri=1&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a%3AT%3D1603968336%3AS%3DALNI_MbOHLmSbr3ZFBpTq2_R3at5QnhSrQ&bc=31&abxe=1&lmt=1603968341&dt=1603968341694&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=1181&adys=2141&adks=4076339080&ucis=1g&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,37a5d7|color_text,,000000|color_url,,F0F0F0&ifi=53&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=106&icsg=4236130531278850&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x271&msz=302x264&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_wpids=UA-124345349-20&fws=4&ohw=302&btvi=29&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

766f8a1be5d8df87ccdbc9ef94f2978bac2ab819dfad6363b16ce63faec568ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 138
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 319 B
160 B 173ms
173ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=48744303113457&output=ldjh&impl=fif&adsid=NT&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=1&rcs=4&prev_scp=iid5%3D440969%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1107%26sap%3D1107%26a%3D%257C124%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D5%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dsecurityonline_info-box-1-440969%26eb_br%3D58ef7bddb438af5e257c4377f32c243a%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D19%26bvm%3D0%26bvr%3D9%26shp%3D3%26acptad%3D1%26ft%3D1%26br1%3D120%26br2%3D450%26ezoic%3D1%26nmau%3D4%26mau%3D3%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C20%2C17%2C20%26ax_ssid%3D10082%26lb%3D220%26reqt%3D1603968341704&eri=1&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a%3AT%3D1603968336%3AS%3DALNI_MbOHLmSbr3ZFBpTq2_R3at5QnhSrQ&bc=31&abxe=1&lmt=1603968341&dt=1603968341706&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=1181&adys=1380&adks=2680230968&ucis=1h&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,FF0000|color_text,,000000|color_url,,FF0000&ifi=54&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=106&icsg=4236130531278850&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x271&msz=302x264&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_wpids=UA-124345349-20&fws=4&ohw=302&btvi=30&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

8b08a0e99aa538247c0289c9213b4c441651a8bb86a8a51cf7e701d47abb8a9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 319 B
160 B 217ms
217ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=2960660606674217&output=ldjh&impl=fif&adsid=NT&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=1&rcs=4&prev_scp=iid5%3D440969%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1107%26sap%3D1107%26a%3D%257C1%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D5%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dsecurityonline_info-box-1-440969%26eb_br%3D58ef7bddb438af5e257c4377f32c243a%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D19%26bvm%3D0%26bvr%3D9%26shp%3D3%26acptad%3D1%26ft%3D1%26br1%3D120%26br2%3D450%26ezoic%3D1%26nmau%3D4%26mau%3D1%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C20%2C17%2C20%26ax_ssid%3D10082%26lb%3D220%26reqt%3D1603968341721&eri=1&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a%3AT%3D1603968336%3AS%3DALNI_MbOHLmSbr3ZFBpTq2_R3at5QnhSrQ&bc=31&abxe=1&lmt=1603968341&dt=1603968341723&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=1181&adys=834&adks=520180478&ucis=1i&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,1a0dab|color_text,,545454|color_url,,006621&ifi=55&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=106&icsg=4236130531278850&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x271&msz=302x264&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_wpids=UA-124345349-20&fws=4&ohw=302&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9ab53e2e488974a1d56116ced8a220550a779a08241afeb94c4cd25b2d0876

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 331 B
166 B 212ms
212ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=3133456729946491&output=ldjh&impl=fif&adsid=NT&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-large-billboard-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=1&rcs=4&prev_scp=iid5%3D472019%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1102%26sap%3D1102%26a%3D%257C5%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D5%26at%3Dmbf%26adr%3D399%26ezosn%3D8%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1034%26compid%3D0%26tap%3Dsecurityonline_info-large-billboard-2-472019%26eb_br%3D3ba982fc4238dd4197b1d51b345478dc%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D16%26bvm%3D0%26bvr%3D6%26shp%3D3%26ft%3D1%26br1%3D50%26br2%3D450%26ezoic%3D1%26nmau%3D4%26mau%3D2%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C20%2C17%2C20%2C17%2C19%2C20%26ax_ssid%3D10082%26lb%3D140%26reqt%3D1603968341738&eri=1&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a%3AT%3D1603968336%3AS%3DALNI_MbOHLmSbr3ZFBpTq2_R3at5QnhSrQ&bc=31&abxe=1&lmt=1603968341&dt=1603968341740&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=1181&adys=2687&adks=185582216&ucis=1j&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,20929A|color_text,,000000|color_url,,F0F0F0&ifi=56&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=106&icsg=4236130531278850&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x271&msz=302x264&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_wpids=UA-124345349-20&fws=4&ohw=302&btvi=31&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

65da5ce5db5c7f1790c602238b5b9eb93dcb3d2d2f587eb7ad169b1951fa2a47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 137
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 audins.js Show response
go.ezoic.net/detroitchicago/ 821 B
1 KB 75ms
21ms Script
application/javascript 2600:9000:20d7:fa00:2:cb38:840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezoic.net/detroitchicago/audins.js?cb=191-2
Requested by: Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20d7:fa00:2:cb38:840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: d98f76f0461187c365efd671a87749384de00b589e87fb30c0486a892769c412

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Sep 2020 03:15:53 GMT
via: 1.1 375ffc8f2a15d6fd2fa731e1cdf5a737.cloudfront.net (CloudFront)
last-modified: Fri, 28 Aug 2020 00:49:20 GMT
server: nginx/1.16.0
age: 4433388
etag: "335-5ade56c524400;5aeb0a89dfb5f-gzip"
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=31536000, public
x-amz-cf-pop: ZAG50-C1
accept-ranges: bytes
content-length: 821
x-amz-cf-id: YqC0i4kti6y253AdU_xDLhQjmdeIpJTnr6SK3SxtFtgzyD3jP9xr9w==

GET
H2 200 army.gif
securityonline.info/porpoiseant/ 43 B
77 B 23ms
21ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDY4MjY4IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1sZWFkZXItMS0wIiwidF9lcG9jaCI6MTYwMzk2ODMzNSwiYWRfcG9zaXRpb24iOjExMDMsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiYmNlMDBmNjktYjlmNi00ODMxLTc3YTktYmYzZWE2YWZkNWQ2IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk3OSwiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6IjIyMiJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDc0NTY4IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYwMzk2ODMzNSwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiYmNlMDBmNjktYjlmNi00ODMxLTc3YTktYmYzZWE2YWZkNWQ2IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6Ijc5In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI0NjA2MTgiLCJkb21haW5faWQiOiIxMjQ1MzMiLCJ1bml0IjoiZGl2LWdwdC1hZC1zZWN1cml0eW9ubGluZV9pbmZvLWxhcmdlLW1vYmlsZS1iYW5uZXItMS0wIiwidF9lcG9jaCI6MTYwMzk2ODMzNSwiYWRfcG9zaXRpb24iOjExMDUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiYmNlMDBmNjktYjlmNi00ODMxLTc3YTktYmYzZWE2YWZkNWQ2IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6IjU5NCJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDY1NDE2IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1tZWRyZWN0YW5nbGUtMy0wIiwidF9lcG9jaCI6MTYwMzk2ODMzNSwiYWRfcG9zaXRpb24iOjExMTIsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiYmNlMDBmNjktYjlmNi00ODMxLTc3YTktYmYzZWE2YWZkNWQ2IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk4OCwiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6Ijc4In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI0NDA5NjkiLCJkb21haW5faWQiOiIxMjQ1MzMiLCJ1bml0IjoiZGl2LWdwdC1hZC1zZWN1cml0eW9ubGluZV9pbmZvLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjAzOTY4MzM1LCJhZF9wb3NpdGlvbiI6MTEwNywiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiJiY2UwMGY2OS1iOWY2LTQ4MzEtNzdhOS1iZjNlYTZhZmQ1ZDYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoid29yZHNfYmVmb3JlIiwidmFsIjoiNTkifV0sImlzX29yaWciOmZhbHNlfV0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:41 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:41 UTC

GET
H2 200 army.gif
securityonline.info/porpoiseant/ 43 B
77 B 24ms
22ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDQwOTY5IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1ib3gtMS0wXzEiLCJ0X2Vwb2NoIjoxNjAzOTY4MzM1LCJhZF9wb3NpdGlvbiI6MTEwNywiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiJiY2UwMGY2OS1iOWY2LTQ4MzEtNzdhOS1iZjNlYTZhZmQ1ZDYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoid29yZHNfYmVmb3JlIiwidmFsIjoiNzgifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjQ0MDk2OSIsImRvbWFpbl9pZCI6IjEyNDUzMyIsInVuaXQiOiJkaXYtZ3B0LWFkLXNlY3VyaXR5b25saW5lX2luZm8tYm94LTEtMF8yIiwidF9lcG9jaCI6MTYwMzk2ODMzNSwiYWRfcG9zaXRpb24iOjExMDcsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiYmNlMDBmNjktYjlmNi00ODMxLTc3YTktYmYzZWE2YWZkNWQ2IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6Ijc5In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI0NDA5NjkiLCJkb21haW5faWQiOiIxMjQ1MzMiLCJ1bml0IjoiZGl2LWdwdC1hZC1zZWN1cml0eW9ubGluZV9pbmZvLWJveC0xLTBfMyIsInRfZXBvY2giOjE2MDM5NjgzMzUsImFkX3Bvc2l0aW9uIjoxMTA3LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiTkwiLCJwYWdldmlld19pZCI6ImJjZTAwZjY5LWI5ZjYtNDgzMS03N2E5LWJmM2VhNmFmZDVkNiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJ3b3Jkc19iZWZvcmUiLCJ2YWwiOiIxNjYifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjQ3MjAxOSIsImRvbWFpbl9pZCI6IjEyNDUzMyIsInVuaXQiOiJkaXYtZ3B0LWFkLXNlY3VyaXR5b25saW5lX2luZm8tbGFyZ2UtYmlsbGJvYXJkLTItMCIsInRfZXBvY2giOjE2MDM5NjgzMzUsImFkX3Bvc2l0aW9uIjoxMTAyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiTkwiLCJwYWdldmlld19pZCI6ImJjZTAwZjY5LWI5ZjYtNDgzMS03N2E5LWJmM2VhNmFmZDVkNiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJ3b3Jkc19iZWZvcmUiLCJ2YWwiOiIyMjIifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjQ3MjAxOSIsImRvbWFpbl9pZCI6IjEyNDUzMyIsInVuaXQiOiJkaXYtZ3B0LWFkLXNlY3VyaXR5b25saW5lX2luZm8tbGFyZ2UtYmlsbGJvYXJkLTItMF8xIiwidF9lcG9jaCI6MTYwMzk2ODMzNSwiYWRfcG9zaXRpb24iOjExMDIsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiYmNlMDBmNjktYjlmNi00ODMxLTc3YTktYmYzZWE2YWZkNWQ2IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6IjMwMiJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:41 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:41 UTC

GET
H2 200 army.gif
securityonline.info/porpoiseant/ 43 B
77 B 23ms
22ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDcyMDE5IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1sYXJnZS1iaWxsYm9hcmQtMi0wXzIiLCJ0X2Vwb2NoIjoxNjAzOTY4MzM1LCJhZF9wb3NpdGlvbiI6MTEwMiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiJiY2UwMGY2OS1iOWY2LTQ4MzEtNzdhOS1iZjNlYTZhZmQ1ZDYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoid29yZHNfYmVmb3JlIiwidmFsIjoiMzQ3In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI0NzIwMTkiLCJkb21haW5faWQiOiIxMjQ1MzMiLCJ1bml0IjoiZGl2LWdwdC1hZC1zZWN1cml0eW9ubGluZV9pbmZvLWxhcmdlLWJpbGxib2FyZC0yLTBfMyIsInRfZXBvY2giOjE2MDM5NjgzMzUsImFkX3Bvc2l0aW9uIjoxMTAyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiTkwiLCJwYWdldmlld19pZCI6ImJjZTAwZjY5LWI5ZjYtNDgzMS03N2E5LWJmM2VhNmFmZDVkNiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJ3b3Jkc19iZWZvcmUiLCJ2YWwiOiI0MTAifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjQ2MzMxOCIsImRvbWFpbl9pZCI6IjEyNDUzMyIsInVuaXQiOiJkaXYtZ3B0LWFkLXNlY3VyaXR5b25saW5lX2luZm8tYm94LTMtMCIsInRfZXBvY2giOjE2MDM5NjgzMzUsImFkX3Bvc2l0aW9uIjoxMTA0LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiTkwiLCJwYWdldmlld19pZCI6ImJjZTAwZjY5LWI5ZjYtNDgzMS03N2E5LWJmM2VhNmFmZDVkNiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1MDcsImRhdGEiOlt7Im5hbWUiOiJ3b3Jkc19iZWZvcmUiLCJ2YWwiOiI1OSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:41 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:41 UTC

GET
H2 200 army.gif
securityonline.info/porpoiseant/ 43 B
77 B 24ms
22ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDY4MjY4IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1sZWFkZXItMS0wIiwidF9lcG9jaCI6MTYwMzk2ODMzNSwiYWRfcG9zaXRpb24iOjExMDMsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiYmNlMDBmNjktYjlmNi00ODMxLTc3YTktYmYzZWE2YWZkNWQ2IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk3OSwiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiMTQwIn0seyJuYW1lIjoicG9zX3kiLCJ2YWwiOiIyMTM5In0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDc0NTY4IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYwMzk2ODMzNSwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiYmNlMDBmNjktYjlmNi00ODMxLTc3YTktYmYzZWE2YWZkNWQ2IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiMCJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiMTA5NCJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoidHJ1ZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDYwNjE4IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1sYXJnZS1tb2JpbGUtYmFubmVyLTEtMCIsInRfZXBvY2giOjE2MDM5NjgzMzUsImFkX3Bvc2l0aW9uIjoxMTA1LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiTkwiLCJwYWdldmlld19pZCI6ImJjZTAwZjY5LWI5ZjYtNDgzMS03N2E5LWJmM2VhNmFmZDVkNiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJwb3NfeCIsInZhbCI6IjE0MCJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiNDMwNyJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjQ2NTQxNiIsImRvbWFpbl9pZCI6IjEyNDUzMyIsInVuaXQiOiJkaXYtZ3B0LWFkLXNlY3VyaXR5b25saW5lX2luZm8tbWVkcmVjdGFuZ2xlLTMtMCIsInRfZXBvY2giOjE2MDM5NjgzMzUsImFkX3Bvc2l0aW9uIjoxMTEyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiTkwiLCJwYWdldmlld19pZCI6ImJjZTAwZjY5LWI5ZjYtNDgzMS03N2E5LWJmM2VhNmFmZDVkNiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJwb3NfeCIsInZhbCI6IjE0MCJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiNzg3In0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDQwOTY5IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1ib3gtMS0wIiwidF9lcG9jaCI6MTYwMzk2ODMzNSwiYWRfcG9zaXRpb24iOjExMDcsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiYmNlMDBmNjktYjlmNi00ODMxLTc3YTktYmYzZWE2YWZkNWQ2IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiMTE4MCJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiNTYwIn0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:41 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:41 UTC

GET
H2 200 army.gif
securityonline.info/porpoiseant/ 43 B
77 B 25ms
23ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDQwOTY5IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1ib3gtMS0wXzEiLCJ0X2Vwb2NoIjoxNjAzOTY4MzM1LCJhZF9wb3NpdGlvbiI6MTEwNywiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiJiY2UwMGY2OS1iOWY2LTQ4MzEtNzdhOS1iZjNlYTZhZmQ1ZDYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiIxMTgwIn0seyJuYW1lIjoicG9zX3kiLCJ2YWwiOiI4MzMifSx7Im5hbWUiOiJpc19mbG9hdGluZyIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI0NDA5NjkiLCJkb21haW5faWQiOiIxMjQ1MzMiLCJ1bml0IjoiZGl2LWdwdC1hZC1zZWN1cml0eW9ubGluZV9pbmZvLWJveC0xLTBfMiIsInRfZXBvY2giOjE2MDM5NjgzMzUsImFkX3Bvc2l0aW9uIjoxMTA3LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiTkwiLCJwYWdldmlld19pZCI6ImJjZTAwZjY5LWI5ZjYtNDgzMS03N2E5LWJmM2VhNmFmZDVkNiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJwb3NfeCIsInZhbCI6IjExODAifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjExMDYifSx7Im5hbWUiOiJpc19mbG9hdGluZyIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI0NDA5NjkiLCJkb21haW5faWQiOiIxMjQ1MzMiLCJ1bml0IjoiZGl2LWdwdC1hZC1zZWN1cml0eW9ubGluZV9pbmZvLWJveC0xLTBfMyIsInRfZXBvY2giOjE2MDM5NjgzMzUsImFkX3Bvc2l0aW9uIjoxMTA3LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiTkwiLCJwYWdldmlld19pZCI6ImJjZTAwZjY5LWI5ZjYtNDgzMS03N2E5LWJmM2VhNmFmZDVkNiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJwb3NfeCIsInZhbCI6IjExODAifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjEzNzkifSx7Im5hbWUiOiJpc19mbG9hdGluZyIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI0NzIwMTkiLCJkb21haW5faWQiOiIxMjQ1MzMiLCJ1bml0IjoiZGl2LWdwdC1hZC1zZWN1cml0eW9ubGluZV9pbmZvLWxhcmdlLWJpbGxib2FyZC0yLTAiLCJ0X2Vwb2NoIjoxNjAzOTY4MzM1LCJhZF9wb3NpdGlvbiI6MTEwMiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiJiY2UwMGY2OS1iOWY2LTQ4MzEtNzdhOS1iZjNlYTZhZmQ1ZDYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiIxMTgwIn0seyJuYW1lIjoicG9zX3kiLCJ2YWwiOiIyMTQwIn0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDcyMDE5IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1sYXJnZS1iaWxsYm9hcmQtMi0wXzEiLCJ0X2Vwb2NoIjoxNjAzOTY4MzM1LCJhZF9wb3NpdGlvbiI6MTEwMiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiJiY2UwMGY2OS1iOWY2LTQ4MzEtNzdhOS1iZjNlYTZhZmQ1ZDYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiIxMTgwIn0seyJuYW1lIjoicG9zX3kiLCJ2YWwiOiIyNDEzIn0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:41 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:41 UTC

GET
H2 200 army.gif
securityonline.info/porpoiseant/ 43 B
77 B 35ms
34ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDcyMDE5IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1sYXJnZS1iaWxsYm9hcmQtMi0wXzIiLCJ0X2Vwb2NoIjoxNjAzOTY4MzM1LCJhZF9wb3NpdGlvbiI6MTEwMiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiJiY2UwMGY2OS1iOWY2LTQ4MzEtNzdhOS1iZjNlYTZhZmQ1ZDYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiIxMTgwIn0seyJuYW1lIjoicG9zX3kiLCJ2YWwiOiIyNjg2In0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDcyMDE5IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1sYXJnZS1iaWxsYm9hcmQtMi0wXzMiLCJ0X2Vwb2NoIjoxNjAzOTY4MzM1LCJhZF9wb3NpdGlvbiI6MTEwMiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiJiY2UwMGY2OS1iOWY2LTQ4MzEtNzdhOS1iZjNlYTZhZmQ1ZDYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiIxMTgwIn0seyJuYW1lIjoicG9zX3kiLCJ2YWwiOiIyOTU5In0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDYzMzE4IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1ib3gtMy0wIiwidF9lcG9jaCI6MTYwMzk2ODMzNSwiYWRfcG9zaXRpb24iOjExMDQsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiYmNlMDBmNjktYjlmNi00ODMxLTc3YTktYmYzZWE2YWZkNWQ2IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDUwNywiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiMTQwIn0seyJuYW1lIjoicG9zX3kiLCJ2YWwiOiI1MTIifSx7Im5hbWUiOiJpc19mbG9hdGluZyIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX1d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:41 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:41 UTC

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 9ms
7ms Script
application/javascript 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: go.ezoic.net
URL: https://go.ezoic.net/detroitchicago/audins.js?cb=191-2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 87d73170be9a2e277c57d324c4e05ec0ac60ed3c0191fa29e7a31133b4c4c119

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:41 GMT
content-encoding: gzip
etag: "O/+l6c17R2TQ0JQMJXOiXA=="
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Thu, 05 Nov 2020 10:45:41 GMT

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 69ms
24ms Script
application/x-javascript 2.19.34.195
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: go.ezoic.net
URL: https://go.ezoic.net/detroitchicago/audins.js?cb=191-2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.34.195 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-19-34-195.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 29 Oct 2020 10:45:41 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Fri, 30 Oct 2020 10:45:41 GMT

GET
H2 200 rules-p-31iz6hfFutd16.js Show response
rules.quantcount.com/ 3 B
347 B 66ms
21ms Script
application/x-javascript 2600:9000:20d7:a00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-31iz6hfFutd16.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20d7:a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 01:00:13 GMT
via: 1.1 e7ac510e4ba21d85d8aee7d252b283a9.cloudfront.net (CloudFront)
last-modified: Sat, 04 Mar 2017 19:50:24 GMT
server: AmazonS3
age: 35130
etag: "8a80554c91d9fca8acb82f023de02f11"
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=86400
x-amz-cf-pop: ZAG50-C1
accept-ranges: bytes
content-length: 3
x-amz-cf-id: XtdtvAWyT7fv3SLPshw4r35xRrR-Egyb6HpYjcReWRsFigQ2aaoo4A==

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 327 B
193 B 246ms
245ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=4343499564707474&output=ldjh&impl=fif&adsid=NT&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&ris=1&rcs=4&prev_scp=iid5%3D474568%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26a%3D%257C3%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D5%26at%3Dmbf%26adr%3D399%26ezosn%3D10%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dsecurityonline_info-medrectangle-2-474568%26eb_br%3D58ef7bddb438af5e257c4377f32c243a%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D3%26bvm%3D0%26bvr%3D8%26shp%3D1%26ft%3D1%26br1%3D120%26br2%3D550%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C20%2C17%2C20%26ax_ssid%3D10082%26hb_bidder%3Dix%26hb_adid%3D109d2adc83985e1f%26hb_pb%3D0.00%26hb_format%3Dbanner%26hb_ssid%3D10082%26lb%3D240%26reqt%3D1603968341888&eri=1&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a%3AT%3D1603968336%3AS%3DALNI_MbOHLmSbr3ZFBpTq2_R3at5QnhSrQ&bc=31&abxe=1&lmt=1603968341&dt=1603968341890&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=1102&adks=3873167905&ucis=1k&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,0000FF|color_text,,000000|color_url,,828282&ifi=57&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=110&icsg=3433723243003906&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x-1&msz=970x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_wpids=UA-124345349-20&fws=512&ohw=0&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

81f72da72458d32cda79044f0b08d2de931b968006df153604e683306e424578

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:42 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 141
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=20015427&ns__t=1603968341942&ns_c=UTF-8&cv=3.5&c8=PrintSpoofer%3A%20Abusing%20Impersonation%20Privileges%20on%20Windows%2010%2FServer%202019&c7=https%3A%2...
https://sb.scorecardresearch.com/b2?c1=2&c2=20015427&ns__t=1603968341942&ns_c=UTF-8&cv=3.5&c8=PrintSpoofer%3A%20Abusing%20Impersonation%20Privileges%20on%20Windows%2010%2FServer%202019&c7=https%3A%...

0
528 B

23ms
22ms

Image
text/plain

2.19.34.195
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=20015427&ns__t=1603968341942&ns_c=UTF-8&cv=3.5&c8=PrintSpoofer%3A%20Abusing%20Impersonation%20Privileges%20on%20Windows%2010%2FServer%202019&c7=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&c9=&cs_ak_ss=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.34.195 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-19-34-195.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Oct 2020 10:45:41 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=20015427&ns__t=1603968341942&ns_c=UTF-8&cv=3.5&c8=PrintSpoofer%3A%20Abusing%20Impersonation%20Privileges%20on%20Windows%2010%2FServer%202019&c7=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Thu, 29 Oct 2020 10:45:41 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel;r=1650202357;labels=Domain.securityonline_info%2CDomainId.124533;rf=0;uht=2;a=p-31iz6hfFutd16;url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-...
pixel.quantserve.com/ 35 B
210 B 10ms
9ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1650202357;labels=Domain.securityonline_info%2CDomainId.124533;rf=0;uht=2;a=p-31iz6hfFutd16;url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F;fpan=1;fpa=P0-569966972-1603968341953;ns=0;ce=1;qjs=1;qv=3364aec3-20201006003021;cm=;gdpr=0;ref=;d=securityonline.info;je=0;sr=1600x1200x24;dst=1;et=1603968341953;tzo=-60;ogl=locale.en_US%2Ctype.article%2Ctitle.PrintSpoofer%3A%20Abusing%20Impersonation%20Privileges%20on%20Windows%2010%2FServer%202019%2Cdescription.PrintSpoofer%3A%20From%20LOCAL%2FNETWORK%20SERVICE%20to%20SYSTEM%20by%20abusing%20SeImpersonatePrivi%2Curl.https%3A%2F%2Fsecurityonline%252Einfo%2Fprintspoofer-abusing-impersonation-privileges-on-win%2Csite_name.Penetration%20Testing%2Cimage.https%3A%2F%2Fsecurityonline%252Einfo%2Fwp-content%2Fuploads%2F2020%2F10%2Fdemo%252Egif%2Cimage%3Awidth.973%2Cimage%3Aheight.506

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Oct 2020 10:45:41 GMT
strict-transport-security: max-age=86400
content-type: image/gif
status: 200
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame BA00 42 B
175 B 22ms
22ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvuJqt7Bl3qhwldC5rQJg1a9cH9LYgAZgHZBzjWXQNV5jxb1RAYWMZG9kto-kv_aU1b-XnoIiZGiPrnxotos7yvJh4Rm-BqlerFIZ0IB80ZjbEwjeK3y4NAjXIrex_wXmYmk7qFB6TSMnYH8mT4Q_j7&sai=AMfl-YSG-84c8f54yUPFYr2yidx5tRBhn-U4MvJHB65mo8rervamq6rTviwCdZxclRSQHq4q0nrDhL2rGmI21BqEZPZ4Kqg1VdbruvFA6-6xgZpHhLmpDtDZbEk1ajA&sig=Cg0ArKJSzOwI1vUYv-XjEAE&cid=CAASF-RosyyKeTlDfmDGuyZUjHqNswD7YVwV&id=ampim&o=217,513&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=117&tls=1117&g=100&h=100&tt=1117&r=v&avms=ampa&adk=96935267

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Oct 2020 10:45:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 army.gif
securityonline.info/porpoiseant/ 43 B
100 B 22ms
22ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDYzMzE4IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1ib3gtMy0wIiwidF9lcG9jaCI6MTYwMzk2ODMzNSwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxMTA0LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiYmNlMDBmNjktYjlmNi00ODMxLTc3YTktYmYzZWE2YWZkNWQ2IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDUwNywiZGF0YSI6W3sibmFtZSI6InZpZXdlZCIsInZhbCI6IjEifV0sImlzX29yaWciOmZhbHNlfV0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:42 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:41 UTC

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 43 KB
11 KB 226ms
226ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=1106098300537006&output=ldjh&impl=fif&adsid=NT&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-large-billboard-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=1&rcs=5&prev_scp=iid5%3D472019%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1102%26sap%3D1102%26a%3D%257C6%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D6%26at%3Dmbf%26adr%3D399%26ezosn%3D9%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1034%26compid%3D0%26tap%3Dsecurityonline_info-large-billboard-2-472019%26eb_br%3D14e8a85d4c42ff1db8790cbef9e33493%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D16%26bvm%3D0%26bvr%3D6%26shp%3D3%26ft%3D1%26br1%3D12%26br2%3D450%26ezoic%3D1%26nmau%3D4%26mau%3D3%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C20%2C17%2C20%2C17%2C19%2C20%2C17%2C18%2C19%2C20%26ax_ssid%3D10082%26lb%3D50%26reqt%3D1603968342054&eri=1&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a%3AT%3D1603968336%3AS%3DALNI_MbOHLmSbr3ZFBpTq2_R3at5QnhSrQ&bc=31&abxe=1&lmt=1603968342&dt=1603968342058&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=1181&adys=2960&adks=527514099&ucis=1l&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,858585|color_text,,000000|color_url,,F0F0F0&ifi=58&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=110&icsg=3433723243003906&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x271&msz=302x264&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_wpids=UA-124345349-20&fws=4&ohw=302&btvi=32&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

102c350599ef4cb1b0f1ad5ab2be359a65641660f461236456e35840c9abef87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10817
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
10 KB 218ms
217ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=4050277171628430&output=ldjh&impl=fif&adsid=NT&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=1&rcs=5&prev_scp=iid5%3D440969%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1107%26sap%3D1107%26a%3D%257C5%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D6%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dsecurityonline_info-box-1-440969%26eb_br%3D3ba982fc4238dd4197b1d51b345478dc%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D19%26bvm%3D0%26bvr%3D9%26shp%3D3%26acptad%3D1%26ft%3D1%26br1%3D50%26br2%3D450%26ezoic%3D1%26nmau%3D4%26mau%3D0%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C20%2C17%2C20%2C17%2C19%2C20%26ax_ssid%3D10082%26lb%3D120%26reqt%3D1603968342171&eri=1&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a%3AT%3D1603968336%3AS%3DALNI_MbOHLmSbr3ZFBpTq2_R3at5QnhSrQ&bc=31&abxe=1&lmt=1603968342&dt=1603968342173&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=1181&adys=561&adks=4286431424&ucis=1m&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,20929A|color_text,,000000|color_url,,F0F0F0&ifi=59&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=110&icsg=3433723243003906&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x271&msz=302x264&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_wpids=UA-124345349-20&fws=4&ohw=302&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

049ce15ea761b0fd846e10932a280a805d8c867c200855860cb5e03b7c1424c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10564
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 47 KB
11 KB 266ms
265ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=3327875287602087&output=ldjh&impl=fif&adsid=NT&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-large-billboard-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=1&rcs=5&prev_scp=iid5%3D472019%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1102%26sap%3D1102%26a%3D%257C3%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D6%26at%3Dmbf%26adr%3D399%26ezosn%3D7%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1034%26compid%3D0%26tap%3Dsecurityonline_info-large-billboard-2-472019%26eb_br%3D14e8a85d4c42ff1db8790cbef9e33493%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D16%26bvm%3D0%26bvr%3D6%26shp%3D3%26ft%3D1%26br1%3D12%26br2%3D450%26ezoic%3D1%26nmau%3D4%26mau%3D1%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C20%2C17%2C20%2C17%2C19%2C20%2C17%2C18%2C19%2C20%26ax_ssid%3D10082%26lb%3D50%26reqt%3D1603968342188&eri=1&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a%3AT%3D1603968336%3AS%3DALNI_MbOHLmSbr3ZFBpTq2_R3at5QnhSrQ&bc=31&abxe=1&lmt=1603968342&dt=1603968342190&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=1181&adys=2414&adks=2226679626&ucis=1n&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,0000FF|color_text,,000000|color_url,,828282&ifi=60&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=110&icsg=3433723243003906&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x271&msz=302x264&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_wpids=UA-124345349-20&fws=4&ohw=302&btvi=33&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

f91ad1de97fe0c8d2227c18ad004dc381e755ebe321ec2da6517095d85ad5fda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11212
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 319 B
164 B 196ms
195ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=660735082995237&output=ldjh&impl=fif&adsid=NT&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=1&rcs=5&prev_scp=iid5%3D440969%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1107%26sap%3D1107%26a%3D%257C252%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D6%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dsecurityonline_info-box-1-440969%26eb_br%3D3ba982fc4238dd4197b1d51b345478dc%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D19%26bvm%3D0%26bvr%3D9%26shp%3D3%26acptad%3D1%26ft%3D1%26br1%3D50%26br2%3D450%26ezoic%3D1%26nmau%3D4%26mau%3D2%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C20%2C17%2C20%2C17%2C19%2C20%26ax_ssid%3D10082%26lb%3D120%26reqt%3D1603968342205&eri=1&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a%3AT%3D1603968336%3AS%3DALNI_MbOHLmSbr3ZFBpTq2_R3at5QnhSrQ&bc=31&abxe=1&lmt=1603968342&dt=1603968342206&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=1181&adys=1107&adks=3926214249&ucis=1o&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,FF6600|color_text,,000000|color_url,,FF6600&ifi=61&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=110&icsg=3433723243003906&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x271&msz=302x264&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_wpids=UA-124345349-20&fws=4&ohw=302&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

7c8d04ddc0bfed5dcf176d9bd9f1e308e2ee7a45c05fabc2e72f27dc78a8879d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:42 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 334 B
164 B 182ms
182ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=3385267226877993&output=ldjh&impl=fif&adsid=NT&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-large-mobile-banner-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C320x50%7C468x60%7C970x90%7C234x60&fluid=height&ris=1&rcs=5&prev_scp=iid5%3D460618%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1105%26sap%3D1105%26a%3D%257C6%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D6%26at%3Dmbf%26adr%3D399%26ezosn%3D12%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D704%26al%3D1704%26compid%3D0%26tap%3Dsecurityonline_info-large-mobile-banner-1-460618%26eb_br%3Dc16fac08e79a971524b1c6834f5caad3%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D28%26bvm%3D2%26bvr%3D5%26shp%3D1%26ft%3D1%26br1%3D280%26br2%3D550%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C20%26ax_ssid%3D10082%26lb%3D300%26reqt%3D1603968342210&eri=1&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a%3AT%3D1603968336%3AS%3DALNI_MbOHLmSbr3ZFBpTq2_R3at5QnhSrQ&bc=31&abxe=1&lmt=1603968342&dt=1603968342211&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=141&adys=4308&adks=3089213337&ucis=1p&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,858585|color_text,,000000|color_url,,F0F0F0&ifi=62&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=110&icsg=3433723243003906&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=980x98&msz=982x92&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_wpids=UA-124345349-20&fws=4&ohw=982&btvi=34&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

8df3d372fe01d7c0ebfe066d7f444ab4cfd41e3af111096b15320db3e18c2d09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:42 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 42 KB
10 KB 205ms
204ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=2779612099261687&output=ldjh&impl=fif&adsid=NT&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-large-billboard-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=1&rcs=5&prev_scp=iid5%3D472019%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1102%26sap%3D1102%26a%3D%257C2%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D6%26at%3Dmbf%26adr%3D399%26ezosn%3D6%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1034%26compid%3D0%26tap%3Dsecurityonline_info-large-billboard-2-472019%26eb_br%3D14e8a85d4c42ff1db8790cbef9e33493%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D16%26bvm%3D0%26bvr%3D6%26shp%3D3%26ft%3D1%26br1%3D12%26br2%3D450%26ezoic%3D1%26nmau%3D4%26mau%3D0%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C20%2C17%2C20%2C17%2C19%2C20%2C17%2C18%2C19%2C20%26ax_ssid%3D10082%26lb%3D50%26reqt%3D1603968342214&eri=1&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a%3AT%3D1603968336%3AS%3DALNI_MbOHLmSbr3ZFBpTq2_R3at5QnhSrQ&bc=31&abxe=1&lmt=1603968342&dt=1603968342216&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=1181&adys=2141&adks=4076339080&ucis=1q&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,37a5d7|color_text,,000000|color_url,,F0F0F0&ifi=63&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=110&icsg=3433723243003906&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x271&msz=302x264&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_wpids=UA-124345349-20&fws=4&ohw=302&btvi=35&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

7ac259ad51354b3bdfa6f51e643abcd8567651940967283e1b07b1877f8caae6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10584
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame E201 42 B
199 B 24ms
24ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvvUo6Nvjw3suGG0wDbN6kAMU1mKlyt1I_NQXCLCbGjCdUosrnWp8bBFsSwGbaoP6W4wEwJFLClr4qylaOK2JKxv2-rGRkmPESME_kNTvDc9IhhqLYniFWb3h3jmiMDaMNIuz9AltCV18G9jKjhXkepKQ&sai=AMfl-YQ90fHRQKYew5MydpvIxY2Q1WVmVTeMfM6z-kXSxA92G_sfoih97jXWL9p3STupJtdJ0BUNaSe7HF93hygXAbuRx2CScZ76QIcNeVD3XpRZP-GTZQMhydadvQ0&sig=Cg0ArKJSzFLyZ3nu8kWeEAE&cid=CAASF-RowQ1oCuBlrx0AV4WL4laUbtz_3-cd&id=ampim&o=140,815&d=880,159&ss=1600,1200&bs=1600,1200&mcvt=1004&mtos=0,0,1004,1004,1004&tos=0,0,1004,0,0&tfs=111&tls=1115&g=100&h=100&tt=1115&r=v&avms=ampa&adk=2855817402

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Oct 2020 10:45:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 army.gif
securityonline.info/porpoiseant/ 43 B
100 B 23ms
22ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDY1NDE2IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1tZWRyZWN0YW5nbGUtMy0wIiwidF9lcG9jaCI6MTYwMzk2ODMzNSwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxMTEyLCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiYmNlMDBmNjktYjlmNi00ODMxLTc3YTktYmYzZWE2YWZkNWQ2IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk4OCwiZGF0YSI6W3sibmFtZSI6InZpZXdlZCIsInZhbCI6IjEifV0sImlzX29yaWciOmZhbHNlfV0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:42 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:42 UTC

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 319 B
161 B 251ms
251ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=4428206635092628&output=ldjh&impl=fif&adsid=NT&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=1&rcs=5&prev_scp=iid5%3D440969%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1107%26sap%3D1107%26a%3D%257C124%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D6%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dsecurityonline_info-box-1-440969%26eb_br%3D3ba982fc4238dd4197b1d51b345478dc%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D19%26bvm%3D0%26bvr%3D9%26shp%3D3%26acptad%3D1%26ft%3D1%26br1%3D50%26br2%3D450%26ezoic%3D1%26nmau%3D4%26mau%3D3%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C20%2C17%2C20%2C17%2C19%2C20%26ax_ssid%3D10082%26lb%3D120%26reqt%3D1603968342238&eri=1&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a%3AT%3D1603968336%3AS%3DALNI_MbOHLmSbr3ZFBpTq2_R3at5QnhSrQ&bc=31&abxe=1&lmt=1603968342&dt=1603968342240&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=1181&adys=1380&adks=2680230968&ucis=1r&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,FF0000|color_text,,000000|color_url,,FF0000&ifi=64&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=110&icsg=3433723243003906&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x271&msz=302x264&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_wpids=UA-124345349-20&fws=4&ohw=302&btvi=36&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

71a745576fd16bfdec7edb8f87f5f1d403e5f05072947ae5fa0064eaa265e665

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:42 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 319 B
160 B 230ms
229ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=2964563501441674&output=ldjh&impl=fif&adsid=NT&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=1&rcs=5&prev_scp=iid5%3D440969%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1107%26sap%3D1107%26a%3D%257C1%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D6%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dsecurityonline_info-box-1-440969%26eb_br%3D3ba982fc4238dd4197b1d51b345478dc%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D19%26bvm%3D0%26bvr%3D9%26shp%3D3%26acptad%3D1%26ft%3D1%26br1%3D50%26br2%3D450%26ezoic%3D1%26nmau%3D4%26mau%3D1%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C20%2C17%2C20%2C17%2C19%2C20%26ax_ssid%3D10082%26lb%3D120%26reqt%3D1603968342246&eri=1&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a%3AT%3D1603968336%3AS%3DALNI_MbOHLmSbr3ZFBpTq2_R3at5QnhSrQ&bc=31&abxe=1&lmt=1603968342&dt=1603968342248&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=1181&adys=834&adks=520180478&ucis=1s&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,1a0dab|color_text,,545454|color_url,,006621&ifi=65&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=110&icsg=3433723243003906&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x271&msz=302x264&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_wpids=UA-124345349-20&fws=4&ohw=302&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

14315cc9803bdb867538306c3d327bc365b327197fc29004e95001d636af302b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:42 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 48 KB
11 KB 217ms
216ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=2169452181591725&output=ldjh&impl=fif&adsid=NT&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-large-billboard-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=1&rcs=5&prev_scp=iid5%3D472019%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1102%26sap%3D1102%26a%3D%257C5%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D6%26at%3Dmbf%26adr%3D399%26ezosn%3D8%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1034%26compid%3D0%26tap%3Dsecurityonline_info-large-billboard-2-472019%26eb_br%3D14e8a85d4c42ff1db8790cbef9e33493%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D16%26bvm%3D0%26bvr%3D6%26shp%3D3%26ft%3D1%26br1%3D12%26br2%3D450%26ezoic%3D1%26nmau%3D4%26mau%3D2%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C20%2C17%2C20%2C17%2C19%2C20%2C17%2C18%2C19%2C20%26ax_ssid%3D10082%26lb%3D50%26reqt%3D1603968342271&eri=1&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a%3AT%3D1603968336%3AS%3DALNI_MbOHLmSbr3ZFBpTq2_R3at5QnhSrQ&bc=31&abxe=1&lmt=1603968342&dt=1603968342273&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=1181&adys=2687&adks=185582216&ucis=1t&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,20929A|color_text,,000000|color_url,,F0F0F0&ifi=66&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=110&icsg=3433723243003906&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x271&msz=302x264&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_wpids=UA-124345349-20&fws=4&ohw=302&btvi=37&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

68a56f46db46a81e28e3ff0a2ce7ff747b2f6272d4c9748cd3c3bd5dcc9782cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11321
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
22 B 17ms
17ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=2079961931876282&r=320x50%7C300x250&w=300&h=250&a=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Oct 2020 10:45:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012010200130000/ Frame 99E7 204 KB
56 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2206501c5a898123871431da1a1ff12bcaf46194db997e6c9237296d9859daa

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3395
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56832
x-xss-protection: 0
server: sffe
date: Thu, 29 Oct 2020 09:49:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fc56d6feccb35077"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Oct 2021 09:49:07 GMT

GET
H3-Q050 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012010200130000/v0/ Frame 99E7 14 KB
5 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010200130000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4653687f2f0571ecaf6723d7743f92edf52159c03a8181763cb73031ad8a64bf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3406
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5337
x-xss-protection: 0
server: sffe
date: Thu, 29 Oct 2020 09:48:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "daa4412bcb5a8fd6"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Oct 2021 09:48:56 GMT

GET
H3-Q050 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012010200130000/v0/ Frame 99E7 96 KB
29 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010200130000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c799c0a055898234d3692565188b828d2d41b3056cf5bbd2584e729968829b72

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3405
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29527
x-xss-protection: 0
server: sffe
date: Thu, 29 Oct 2020 09:48:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f91dfcaf1b61c8c5"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Oct 2021 09:48:57 GMT

GET
H3-Q050 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012010200130000/v0/ Frame 99E7 4 KB
2 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010200130000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5c41077aafced98067ed5bad36d0518235b45963f432237d11d8b89c8d00873

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3393
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1792
x-xss-protection: 0
server: sffe
date: Thu, 29 Oct 2020 09:49:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "2c1d882225e4ba30"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Oct 2021 09:49:09 GMT

GET
H3-Q050 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012010200130000/v0/ Frame 99E7 45 KB
14 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010200130000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d8865bb32d3ba618981090df05f9de09607c1f65764a7434016926de0a8fbcd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3393
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14145
x-xss-protection: 0
server: sffe
date: Thu, 29 Oct 2020 09:49:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "88dc985411e715a7"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Oct 2021 09:49:09 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 99E7 2 KB
2 KB 8ms
7ms Image
image/png 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Oct 2020 23:34:24 GMT
x-content-type-options: nosniff
server: cafe
age: 40278
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 29 Oct 2020 23:34:24 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 99E7 295 B
324 B 8ms
8ms Image
image/png 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Oct 2020 21:53:21 GMT
x-content-type-options: nosniff
server: cafe
age: 46341
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 29 Oct 2020 21:53:21 GMT

GET
DATA 200
OK truncated
/ Frame 99E7 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 18a024d642675602faba539ed51653dce9f5e6f260da5131182b60d32faf5b5d

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 8419760587876308833
tpc.googlesyndication.com/simgad/ Frame 99E7 24 KB
24 KB 10ms
9ms Image
image/png 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8419760587876308833?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qngeeINeh_qSmfii38bQLba3hc9-Q

Requested by

Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a146a76b6725e208df9d634104dc257c956f405e0b50800f9aa369afbea3113

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 11:36:18 GMT
x-content-type-options: nosniff
last-modified: Fri, 07 Aug 2020 00:00:31 GMT
server: sffe
age: 83364
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24791
x-xss-protection: 0
expires: Thu, 28 Oct 2021 11:36:18 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 99E7 0
0 14ms
13ms Image
text/html 2a00:1450:4001:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTg1fJAYLdMs23pykeXC1cCXd2hadcFWqlNGkUsVAWiAtPfc5UnNRb5dDxroVtV61YuKbP7nkj2sr3I7q1XYMD8ajqlGg
Requested by: Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 99E7 0
0 32ms
32ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=ClB1aVp2aX5zbBrvW7_UPhLi-mAODmZ7SX7vnlsLGDPvCv-6oHBABIPT5xiVgkYSThfwXoAHNs7-jA8gBAuACAKgDAcgDCKoEwAJP0JL8DpulyYG7kjmOLg_bAWBknvECVL5RWH2kmqh9Ehb_FkUZxm3jcrQOLGW9nY7-qj0e30CKiHc0-9yNysQdz49SF46rN-Wmr7WG97mkb2Pd0x0fvQgKowTA0Y81RPznrNI0tibJJI8PQAyccjjZzxNJYYx0SvSSPYFgL-Odkp3KGGEAbAVMQA1jvoCDB-L8DKnkDx3qy2eGN74x869Gj0JjDIXBk4H9Y0K2vLfj2DwD_HQLAZ-2FSwOgBUIQQd6sJe9-CnrJqSpJ0opPuN6C1IHjX3Ic9MQ2_dmQ-rW2r3X3p6fHae3pt-J5vFpOjoaeB28F7szECSP6zGFrLBQlAZ3L9HZib0XGiXpHPf86KP4DIAYrbMoRiM2EkqPIWqDf25cuELb64O9mz2r6tNkUeIrhmpiyT3BFVsvDmAJwMAEo6HnrqgD4AQBkgUECAQYAZIFBAgFGASgBgKAB5vMwFyoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQxaMI0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi00Nzc2MDYzMTU4MjQyNTg4gAoDyAsBsgwUcHViLTYzOTY4NDQ3NDI0OTcyMDjCDAIIAdgTAg&sigh=PciGQwqzk6c&tpd=AGWhJmsuIMI0dStvsuIma5XBCK0YIq6ABkjYvFZWyP5E_bAOKA
Requested by: Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 28687274 Show response
g.ezoic.net/dac/ 0
40 B 27ms
22ms XHR
text/plain 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/dac/28687274
Requested by: Host: securityonline.info
URL: https://securityonline.info/porpoiseant/banger.js?cb=191-2&bv=90&v=35&PageSpeed=off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:42 GMT
server: nginx/1.16.0
status: 200
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=3600, public
content-length: 0

GET
H2 200 army.gif
securityonline.info/porpoiseant/ 43 B
77 B 32ms
22ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDcyMDE5IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1sYXJnZS1iaWxsYm9hcmQtMi0wXzMiLCJ0X2Vwb2NoIjoxNjAzOTY4MzM1LCJhZF9wb3NpdGlvbiI6MTEwMiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiJiY2UwMGY2OS1iOWY2LTQ4MzEtNzdhOS1iZjNlYTZhZmQ1ZDYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjYifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjQ3MjAxOSIsImRvbWFpbl9pZCI6IjEyNDUzMyIsInVuaXQiOiJkaXYtZ3B0LWFkLXNlY3VyaXR5b25saW5lX2luZm8tbGFyZ2UtYmlsbGJvYXJkLTItMF8zIiwidF9lcG9jaCI6MTYwMzk2ODMzNSwiYWRfcG9zaXRpb24iOjExMDIsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiYmNlMDBmNjktYjlmNi00ODMxLTc3YTktYmYzZWE2YWZkNWQ2IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9iaWRfaGFzaCIsInZhbCI6IjE0ZThhODVkNGM0MmZmMWRiODc5MGNiZWY5ZTMzNDkzIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI0NzIwMTkiLCJkb21haW5faWQiOiIxMjQ1MzMiLCJ1bml0IjoiZGl2LWdwdC1hZC1zZWN1cml0eW9ubGluZV9pbmZvLWxhcmdlLWJpbGxib2FyZC0yLTBfMyIsInRfZXBvY2giOjE2MDM5NjgzMzUsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDEyLCJhZF9wb3NpdGlvbiI6MTEwMiwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwMTIsImJpZF9mbG9vcl9wcmV2IjowLjAwMDUsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiTkwiLCJwYWdldmlld19pZCI6ImJjZTAwZjY5LWI5ZjYtNDgzMS03N2E5LWJmM2VhNmFmZDVkNiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI0NzIwMTkiLCJkb21haW5faWQiOiIxMjQ1MzMiLCJ1bml0IjoiZGl2LWdwdC1hZC1zZWN1cml0eW9ubGluZV9pbmZvLWxhcmdlLWJpbGxib2FyZC0yLTBfMyIsInRfZXBvY2giOjE2MDM5NjgzMzUsImFkX3Bvc2l0aW9uIjoxMTAyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiTkwiLCJwYWdldmlld19pZCI6ImJjZTAwZjY5LWI5ZjYtNDgzMS03N2E5LWJmM2VhNmFmZDVkNiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJjcmVhdGl2ZV9pZCIsInZhbCI6IjEzODMxMDAzNDUwNyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDcyMDE5IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1sYXJnZS1iaWxsYm9hcmQtMi0wXzMiLCJ0X2Vwb2NoIjoxNjAzOTY4MzM1LCJhZF9wb3NpdGlvbiI6MTEwMiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiJiY2UwMGY2OS1iOWY2LTQ4MzEtNzdhOS1iZjNlYTZhZmQ1ZDYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoibGluZWl0ZW1faWQiLCJ2YWwiOiIyODY4NzI3NCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:42 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:42 UTC

GET
H2 200 army.gif
securityonline.info/porpoiseant/ 43 B
77 B 32ms
22ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDcyMDE5IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1sYXJnZS1iaWxsYm9hcmQtMi0wXzMiLCJ0X2Vwb2NoIjoxNjAzOTY4MzM1LCJhZF9wb3NpdGlvbiI6MTEwMiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiJiY2UwMGY2OS1iOWY2LTQ4MzEtNzdhOS1iZjNlYTZhZmQ1ZDYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyMC0xMC0yOSJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjExIn0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjQifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiLTYwIn1dLCJpc19vcmlnIjpmYWxzZX1d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:42 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:41 UTC

GET
H2 200 army.gif
securityonline.info/porpoiseant/ 43 B
77 B 33ms
23ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNDcyMDE5IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1sYXJnZS1iaWxsYm9hcmQtMi0wXzMiLCJ0X2Vwb2NoIjoxNjAzOTY4MzM1LCJhdWN0aW9uX2Vwb2NoIjoxNjAzOTY4MzQyLCJhZF9wb3NpdGlvbiI6MTEwMiwiY291bnRyeV9jb2RlIjoiTkwiLCJwYWdldmlld19pZCI6ImJjZTAwZjY5LWI5ZjYtNDgzMS03N2E5LWJmM2VhNmFmZDVkNiIsImJpZF9mbG9vcl9pbml0aWFsIjo5MDAsImJpZF9mbG9vcl9wcmV2Ijo1MCwiYmlkX2Zsb29yX2ZpbGxlZCI6MTIsImF1Y3Rpb25fY291bnQiOjYsInJlZnJlc2hfYWRfY291bnQiOjAsImF1Y3Rpb25fZHVyYXRpb24iOjIzOCwibXVsdGlfYWRfdW5pdCI6MywibXVsdGlfYWRfY291bnQiOjQsIm5ldHdvcmtfY29kZSI6MTI1NDE0NCwiZGF0YSI6W3sibmFtZSI6IiIsInZhbCI6IiJ9XSwibGluZV9pdGVtX2lkIjoyODY4NzI3NH1d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:42 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:42 UTC

GET
H2 200 army.gif
securityonline.info/porpoiseant/ 43 B
77 B 23ms
23ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDYzMzE4IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1ib3gtMy0wIiwidF9lcG9jaCI6MTYwMzk2ODMzNSwiYWRfcG9zaXRpb24iOjExMDQsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiYmNlMDBmNjktYjlmNi00ODMxLTc3YTktYmYzZWE2YWZkNWQ2IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDUwNywiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9zaXplIiwidmFsIjoiWzcyOCw5MF0ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjQ2MzMxOCIsImRvbWFpbl9pZCI6IjEyNDUzMyIsInVuaXQiOiJkaXYtZ3B0LWFkLXNlY3VyaXR5b25saW5lX2luZm8tYm94LTMtMCIsInRfZXBvY2giOjE2MDM5NjgzMzUsImFkX3Bvc2l0aW9uIjoxMTA0LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiTkwiLCJwYWdldmlld19pZCI6ImJjZTAwZjY5LWI5ZjYtNDgzMS03N2E5LWJmM2VhNmFmZDVkNiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1MDcsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfZmx1aWQiLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDYzMzE4IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1ib3gtMy0wIiwidF9lcG9jaCI6MTYwMzk2ODMzNSwiYWRfcG9zaXRpb24iOjExMDQsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiYmNlMDBmNjktYjlmNi00ODMxLTc3YTktYmYzZWE2YWZkNWQ2IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDUwNywiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiIxMyJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:42 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:42 UTC

GET
H3-Q050 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012010200130000/ Frame 87AC 204 KB
56 KB 24ms
17ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2206501c5a898123871431da1a1ff12bcaf46194db997e6c9237296d9859daa

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3395
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56832
x-xss-protection: 0
server: sffe
date: Thu, 29 Oct 2020 09:49:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fc56d6feccb35077"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Oct 2021 09:49:07 GMT

GET
H3-Q050 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012010200130000/v0/ Frame 87AC 14 KB
5 KB 30ms
22ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010200130000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4653687f2f0571ecaf6723d7743f92edf52159c03a8181763cb73031ad8a64bf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3406
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5337
x-xss-protection: 0
server: sffe
date: Thu, 29 Oct 2020 09:48:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "daa4412bcb5a8fd6"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Oct 2021 09:48:56 GMT

GET
H3-Q050 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012010200130000/v0/ Frame 87AC 96 KB
29 KB 30ms
23ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010200130000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c799c0a055898234d3692565188b828d2d41b3056cf5bbd2584e729968829b72

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3405
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29527
x-xss-protection: 0
server: sffe
date: Thu, 29 Oct 2020 09:48:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f91dfcaf1b61c8c5"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Oct 2021 09:48:57 GMT

GET
H3-Q050 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012010200130000/v0/ Frame 87AC 4 KB
2 KB 34ms
27ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010200130000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5c41077aafced98067ed5bad36d0518235b45963f432237d11d8b89c8d00873

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3393
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1792
x-xss-protection: 0
server: sffe
date: Thu, 29 Oct 2020 09:49:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "2c1d882225e4ba30"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Oct 2021 09:49:09 GMT

GET
H3-Q050 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012010200130000/v0/ Frame 87AC 45 KB
14 KB 34ms
27ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010200130000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d8865bb32d3ba618981090df05f9de09607c1f65764a7434016926de0a8fbcd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3393
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14145
x-xss-protection: 0
server: sffe
date: Thu, 29 Oct 2020 09:49:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "88dc985411e715a7"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Oct 2021 09:49:09 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 87AC 2 KB
2 KB 37ms
30ms Image
image/png 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Oct 2020 23:34:24 GMT
x-content-type-options: nosniff
server: cafe
age: 40278
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 29 Oct 2020 23:34:24 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 87AC 295 B
319 B 37ms
31ms Image
image/png 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Oct 2020 21:53:21 GMT
x-content-type-options: nosniff
server: cafe
age: 46341
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 29 Oct 2020 21:53:21 GMT

GET
DATA 200
OK truncated
/ Frame 87AC 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d1e7607d8960897d45f87fe4a1e58626e1b992262557abb2327f493fe46a4442

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 18313529663406378898
tpc.googlesyndication.com/simgad/ Frame 87AC 23 KB
23 KB 20ms
17ms Image
image/gif 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18313529663406378898

Requested by

Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

311f2c72fedf5fdc7ea954c0f3463b9aa4877c96804e367771d823dd6f4e8030

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 23:10:28 GMT
x-content-type-options: nosniff
age: 41714
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23315
x-xss-protection: 0
last-modified: Wed, 31 Jul 2019 13:51:59 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Oct 2021 23:10:28 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 87AC 0
0 24ms
21ms Image
text/html 2a00:1450:4001:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSN5wuIau2vlVCHFTQGSckRJJs6cRn_FZG6MNHEpHE8NTvUOFUIOp1sVZ4lSR2RodLhq71k2lxL_ZJ34PhVRApGdPqFNw
Requested by: Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 87AC 0
0 37ms
34ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CVwWsVp2aX5raDcWM7_UPgPm_sAyN_NLZV5uSjLjuCb_hHhABIPT5xiVgkYSThfwXoAG46PXeAsgBA6kCq-RPF6Kxsz7gAgCoAwHIAwiqBMMCT9DEQbpi3GqFZMNw_5Rge7HvyCK2PPJvBahlanjScvwLEOf2ocqHqIWrES_jpa50OvlFHWJ9vJMQBkznR-4SZiu10tbe4cpQ5pfSeJG8WIQUPaotSjgl8Ap2oN-Kn2KZE8izK5VYBxClM4vSzBUk0uOkDY7p2JGjVKLyrgCLGoj385ItiJ8KSI2GTHh_lYjfuWtS086zZNxTiIOLKFINLfT80gS7IiSlkzrqP1MpRJlP7wX4Kp4qYxkl7prLpTdEvNhAZaq25xrw8vlsiy61R9aUQcWW632bHeeAaq7clIOM0i5cVjUiNkQQVr3HuuennAZuqXRjqkdetNgEvmyNaKYyn3qt8OPrAJ6wswly-HMjYiu_pAPgvNDW6gfDdv5fNPm5cMs-LexViuadc7nVs0Bkdzyv0oandSkFmWTnGwDQQUnABMXJsZWKAuAEAZIFBAgEGAGSBQQIBRgEoAYDgAewl4qhAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBDIrxLSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTQ3NzYwNjMxNTgyNDI1ODiACgPICwGyDBRwdWItNjM5Njg0NDc0MjQ5NzIwOMIMAggB2BMC&sigh=-IcSd3gtkaA&tpd=AGWhJmt-LDUMkLwVWwfYIyns3071j4B5gpfbA2uIxYipU8XNsQ
Requested by: Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 327 B
170 B 239ms
223ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=956717750823254&output=ldjh&impl=fif&adsid=NT&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&ris=1&rcs=5&prev_scp=iid5%3D474568%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26a%3D%257C3%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D6%26at%3Dmbf%26adr%3D399%26ezosn%3D10%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dsecurityonline_info-medrectangle-2-474568%26eb_br%3D8fc09e60bfd78aa82afac0405213359a%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D3%26bvm%3D0%26bvr%3D8%26shp%3D1%26ft%3D1%26br1%3D48%26br2%3D550%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C20%2C17%2C20%2C17%2C19%2C20%26ax_ssid%3D10082%26hb_bidder%3Dix%26hb_adid%3D109d2adc83985e1f%26hb_pb%3D0.00%26hb_format%3Dbanner%26hb_ssid%3D10082%26lb%3D120%26reqt%3D1603968342410&eri=1&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a%3AT%3D1603968336%3AS%3DALNI_MbOHLmSbr3ZFBpTq2_R3at5QnhSrQ&bc=31&abxe=1&lmt=1603968342&dt=1603968342417&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=1102&adks=3873167905&ucis=1u&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,0000FF|color_text,,000000|color_url,,828282&ifi=67&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=108&icsg=3433723243003906&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x-1&msz=970x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_wpids=UA-124345349-20&fws=512&ohw=0&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

54f2df8a7cb2f77c397893be60cc17ca7f7acee8d73157040c4709730775dd78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:42 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 141
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 8419760587876308833
tpc.googlesyndication.com/simgad/ Frame 99E7 24 KB
24 KB 34ms
16ms Image
image/png 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8419760587876308833?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qngeeINeh_qSmfii38bQLba3hc9-Q

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a146a76b6725e208df9d634104dc257c956f405e0b50800f9aa369afbea3113

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 11:36:18 GMT
x-content-type-options: nosniff
last-modified: Fri, 07 Aug 2020 00:00:31 GMT
server: sffe
age: 83364
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24791
x-xss-protection: 0
expires: Thu, 28 Oct 2021 11:36:18 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 99E7 2 KB
2 KB 16ms
7ms Image
image/png 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Oct 2020 23:34:24 GMT
x-content-type-options: nosniff
server: cafe
age: 40278
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 29 Oct 2020 23:34:24 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 99E7 295 B
320 B 17ms
7ms Image
image/png 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Oct 2020 21:53:21 GMT
x-content-type-options: nosniff
server: cafe
age: 46341
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 29 Oct 2020 21:53:21 GMT

GET
H2 200 28687274 Show response
g.ezoic.net/dac/ 0
17 B 37ms
23ms XHR
text/plain 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/dac/28687274
Requested by: Host: securityonline.info
URL: https://securityonline.info/porpoiseant/banger.js?cb=191-2&bv=90&v=35&PageSpeed=off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:42 GMT
server: nginx/1.16.0
status: 200
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=3600, public
content-length: 0

GET
H2 200 army.gif
securityonline.info/porpoiseant/ 43 B
77 B 58ms
24ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDQwOTY5IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1ib3gtMS0wIiwidF9lcG9jaCI6MTYwMzk2ODMzNSwiYWRfcG9zaXRpb24iOjExMDcsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiYmNlMDBmNjktYjlmNi00ODMxLTc3YTktYmYzZWE2YWZkNWQ2IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDUxNiwiZGF0YSI6W3sibmFtZSI6InJlZnJlc2hfY291bnQiLCJ2YWwiOiI2In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI0NDA5NjkiLCJkb21haW5faWQiOiIxMjQ1MzMiLCJ1bml0IjoiZGl2LWdwdC1hZC1zZWN1cml0eW9ubGluZV9pbmZvLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjAzOTY4MzM1LCJhZF9wb3NpdGlvbiI6MTEwNywiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiJiY2UwMGY2OS1iOWY2LTQ4MzEtNzdhOS1iZjNlYTZhZmQ1ZDYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTE2LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2JpZF9oYXNoIiwidmFsIjoiM2JhOTgyZmM0MjM4ZGQ0MTk3YjFkNTFiMzQ1NDc4ZGMifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjQ0MDk2OSIsImRvbWFpbl9pZCI6IjEyNDUzMyIsInVuaXQiOiJkaXYtZ3B0LWFkLXNlY3VyaXR5b25saW5lX2luZm8tYm94LTEtMCIsInRfZXBvY2giOjE2MDM5NjgzMzUsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDUsImFkX3Bvc2l0aW9uIjoxMTA3LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MC4wMDA1LCJiaWRfZmxvb3JfcHJldiI6MC4wMDEyLCJzdGF0X3NvdXJjZV9pZCI6MzUsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiJiY2UwMGY2OS1iOWY2LTQ4MzEtNzdhOS1iZjNlYTZhZmQ1ZDYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTE2LCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDQwOTY5IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1ib3gtMS0wIiwidF9lcG9jaCI6MTYwMzk2ODMzNSwiYWRfcG9zaXRpb24iOjExMDcsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiYmNlMDBmNjktYjlmNi00ODMxLTc3YTktYmYzZWE2YWZkNWQ2IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDUxNiwiZGF0YSI6W3sibmFtZSI6ImNyZWF0aXZlX2lkIiwidmFsIjoiMTM4MzEwMDM0NTE2In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI0NDA5NjkiLCJkb21haW5faWQiOiIxMjQ1MzMiLCJ1bml0IjoiZGl2LWdwdC1hZC1zZWN1cml0eW9ubGluZV9pbmZvLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjAzOTY4MzM1LCJhZF9wb3NpdGlvbiI6MTEwNywiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiJiY2UwMGY2OS1iOWY2LTQ4MzEtNzdhOS1iZjNlYTZhZmQ1ZDYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTE2LCJkYXRhIjpbeyJuYW1lIjoibGluZWl0ZW1faWQiLCJ2YWwiOiIyODY4NzI3NCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:42 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:42 UTC

GET
H2 200 army.gif
securityonline.info/porpoiseant/ 43 B
77 B 57ms
23ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDQwOTY5IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1ib3gtMS0wIiwidF9lcG9jaCI6MTYwMzk2ODMzNSwiYWRfcG9zaXRpb24iOjExMDcsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiYmNlMDBmNjktYjlmNi00ODMxLTc3YTktYmYzZWE2YWZkNWQ2IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDUxNiwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjAtMTAtMjkifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIxMSJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiI0In0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii02MCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:42 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:42 UTC

GET
H2 200 army.gif
securityonline.info/porpoiseant/ 43 B
77 B 58ms
23ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNDQwOTY5IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1ib3gtMS0wIiwidF9lcG9jaCI6MTYwMzk2ODMzNSwiYXVjdGlvbl9lcG9jaCI6MTYwMzk2ODM0MiwiYWRfcG9zaXRpb24iOjExMDcsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiJiY2UwMGY2OS1iOWY2LTQ4MzEtNzdhOS1iZjNlYTZhZmQ1ZDYiLCJiaWRfZmxvb3JfaW5pdGlhbCI6OTAwLCJiaWRfZmxvb3JfcHJldiI6MTIwLCJiaWRfZmxvb3JfZmlsbGVkIjo1MCwiYXVjdGlvbl9jb3VudCI6NiwicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6MjMwLCJtdWx0aV9hZF91bml0IjowLCJtdWx0aV9hZF9jb3VudCI6NCwibmV0d29ya19jb2RlIjoxMjU0MTQ0LCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0fV0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:42 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:42 UTC

GET
H3-Q050 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012010200130000/ Frame 673E 204 KB
56 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2206501c5a898123871431da1a1ff12bcaf46194db997e6c9237296d9859daa

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3395
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56832
x-xss-protection: 0
server: sffe
date: Thu, 29 Oct 2020 09:49:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fc56d6feccb35077"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Oct 2021 09:49:07 GMT

GET
H3-Q050 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012010200130000/v0/ Frame 673E 14 KB
5 KB 12ms
7ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010200130000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4653687f2f0571ecaf6723d7743f92edf52159c03a8181763cb73031ad8a64bf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3406
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5337
x-xss-protection: 0
server: sffe
date: Thu, 29 Oct 2020 09:48:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "daa4412bcb5a8fd6"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Oct 2021 09:48:56 GMT

GET
H3-Q050 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012010200130000/v0/ Frame 673E 96 KB
29 KB 12ms
8ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010200130000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c799c0a055898234d3692565188b828d2d41b3056cf5bbd2584e729968829b72

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3405
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29527
x-xss-protection: 0
server: sffe
date: Thu, 29 Oct 2020 09:48:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f91dfcaf1b61c8c5"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Oct 2021 09:48:57 GMT

GET
H3-Q050 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012010200130000/v0/ Frame 673E 4 KB
2 KB 19ms
15ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010200130000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5c41077aafced98067ed5bad36d0518235b45963f432237d11d8b89c8d00873

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3393
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1792
x-xss-protection: 0
server: sffe
date: Thu, 29 Oct 2020 09:49:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "2c1d882225e4ba30"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Oct 2021 09:49:09 GMT

GET
H3-Q050 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012010200130000/v0/ Frame 673E 45 KB
14 KB 20ms
16ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010200130000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d8865bb32d3ba618981090df05f9de09607c1f65764a7434016926de0a8fbcd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3393
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14145
x-xss-protection: 0
server: sffe
date: Thu, 29 Oct 2020 09:49:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "88dc985411e715a7"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Oct 2021 09:49:09 GMT

GET
H3-Q050 200 18313529663406378898
tpc.googlesyndication.com/simgad/ Frame 673E 23 KB
23 KB 13ms
10ms Image
image/gif 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18313529663406378898

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

311f2c72fedf5fdc7ea954c0f3463b9aa4877c96804e367771d823dd6f4e8030

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 23:10:28 GMT
x-content-type-options: nosniff
age: 41714
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23315
x-xss-protection: 0
last-modified: Wed, 31 Jul 2019 13:51:59 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Oct 2021 23:10:28 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 673E 2 KB
2 KB 14ms
10ms Image
image/png 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Oct 2020 23:34:24 GMT
x-content-type-options: nosniff
server: cafe
age: 40278
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 29 Oct 2020 23:34:24 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 673E 295 B
320 B 14ms
11ms Image
image/png 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Oct 2020 21:53:21 GMT
x-content-type-options: nosniff
server: cafe
age: 46341
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 29 Oct 2020 21:53:21 GMT

GET
DATA 200
OK truncated
/ Frame 673E 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5568b2c3508044cf8a70a68c79be692942608486296b2dd43c58b86a8a5fac8a

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 673E 0
0 30ms
28ms Image
text/html 2a00:1450:4001:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTtS8jhh8ENgWRlugjMA5HBOscc8Ngf_X-dP-_DtRj411jfnXKYdEr2tyfruf0SkPmWF0CtG27B5UYvl7BOX3l4AVXR-A
Requested by: Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 673E 0
0 36ms
35ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CuXjtVp2aX7XIELGB7_UP0Jq1qASN_NLZV5uSjLjuCb_hHhABIPT5xiVgkYSThfwXoAG46PXeAsgBA6kC9gR0vHK4sz7gAgCoAwHIAwiqBMMCT9CmAGMCNyLH7tgc8eJtYfeiTJVWa_bxYlOA5LDe6240OSN8IeKrTqDUE3udDerr8IkhvNhoKpm49-sij1-FzL4DONYi0AuqE1tHSkInT_aAl3PI5XogwepqjRWpr65ryptCBmWaI9AWW096xhIrsTXBWLEO16Kdk_-gJQUO2cWQK53KKas1vZhj9qJQXPaKoymvX1Vx1JOVSr2cbzjMmMQ19Kut9l7bCup5C_6XukPi8Z8V02pO9e0QxwuLkgW0pAg_vgH5Sre2lmmhq6DNQCjlbrUgbWU73x98j68Uq2eB-3lSbl1OF2k388SHMRykGvAS9ZwurHuSJt9KkyUuT7vcNtpBYZi3n_nnpOh0SW6KFutn8JfsrMCOwmjSoRrboXJCa6qLO6K-ERVXdyXXb5eKJgCIriOO7GyaUMhx_b90U2XABMXJsZWKAuAEAZIFBAgEGAGSBQQIBRgEoAYDgAewl4qhAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBC72AfSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTQ3NzYwNjMxNTgyNDI1ODiACgPICwGyDBRwdWItNjM5Njg0NDc0MjQ5NzIwOMIMAggB2BMC&sigh=Ig5PSKL2Xak&tpd=AGWhJmtZSKkaZsrBxm4TLCyQGu1CmGsFxyiTJ2SGXRR8ziTkQw
Requested by: Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012010200130000/ Frame 4173 204 KB
56 KB 15ms
6ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2206501c5a898123871431da1a1ff12bcaf46194db997e6c9237296d9859daa

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3395
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56832
x-xss-protection: 0
server: sffe
date: Thu, 29 Oct 2020 09:49:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fc56d6feccb35077"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Oct 2021 09:49:07 GMT

GET
H3-Q050 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012010200130000/v0/ Frame 4173 14 KB
5 KB 18ms
9ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010200130000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4653687f2f0571ecaf6723d7743f92edf52159c03a8181763cb73031ad8a64bf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3406
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5337
x-xss-protection: 0
server: sffe
date: Thu, 29 Oct 2020 09:48:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "daa4412bcb5a8fd6"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Oct 2021 09:48:56 GMT

GET
H3-Q050 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012010200130000/v0/ Frame 4173 96 KB
29 KB 18ms
9ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010200130000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c799c0a055898234d3692565188b828d2d41b3056cf5bbd2584e729968829b72

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3405
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29527
x-xss-protection: 0
server: sffe
date: Thu, 29 Oct 2020 09:48:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f91dfcaf1b61c8c5"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Oct 2021 09:48:57 GMT

GET
H3-Q050 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012010200130000/v0/ Frame 4173 4 KB
2 KB 19ms
10ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010200130000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5c41077aafced98067ed5bad36d0518235b45963f432237d11d8b89c8d00873

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3393
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1792
x-xss-protection: 0
server: sffe
date: Thu, 29 Oct 2020 09:49:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "2c1d882225e4ba30"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Oct 2021 09:49:09 GMT

GET
H3-Q050 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012010200130000/v0/ Frame 4173 45 KB
14 KB 20ms
11ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010200130000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d8865bb32d3ba618981090df05f9de09607c1f65764a7434016926de0a8fbcd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3393
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14145
x-xss-protection: 0
server: sffe
date: Thu, 29 Oct 2020 09:49:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "88dc985411e715a7"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Oct 2021 09:49:09 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 4173 5 KB
687 B 87ms
64ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&lang=nl

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4a7b4babd8d76af2ddc0840bda733cd5a0b409895bb74d5302ff1155c9b32bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 29 Oct 2020 10:10:19 GMT
server: ESF
date: Thu, 29 Oct 2020 10:45:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Oct 2020 10:45:42 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 4173 5 KB
1 KB 84ms
61ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&text=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4a7b4babd8d76af2ddc0840bda733cd5a0b409895bb74d5302ff1155c9b32bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 29 Oct 2020 10:42:19 GMT
server: ESF
date: Thu, 29 Oct 2020 10:45:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Oct 2020 10:45:42 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4173 2 KB
2 KB 15ms
7ms Image
image/png 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Oct 2020 23:34:24 GMT
x-content-type-options: nosniff
server: cafe
age: 40278
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 29 Oct 2020 23:34:24 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4173 295 B
320 B 15ms
7ms Image
image/png 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Oct 2020 21:53:21 GMT
x-content-type-options: nosniff
server: cafe
age: 46341
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 29 Oct 2020 21:53:21 GMT

GET
DATA 200
OK truncated
/ Frame 4173 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4772f4500e9ad88ca1bc64ad747b57d02e63c1d901e0af5be662dabfbc41c7c4

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/4587926283715543718/ Frame 4173 53 KB
53 KB 18ms
9ms Image
image/jpeg 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4587926283715543718/downsize_200k_v1?sqp=4sqPyQSLAUKIAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-Mg8I2AQQugIYASABLQAAAD8&rs=AOga4qm4QL0-4bKDz-dTJa4SvsHx8KBdAw

Requested by

Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25384bd5a9a54280df7ac740f87266a288913b6cd6201d020418083c1c0b635e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 04:55:35 GMT
x-content-type-options: nosniff
last-modified: Thu, 21 Mar 2019 12:47:39 GMT
server: sffe
age: 21007
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53864
x-xss-protection: 0
expires: Fri, 29 Oct 2021 04:55:35 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 4173 0
0 77ms
68ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CHFbzVp2aX5PoDuSX7_UP9bO04AaC_9L-XOvqu8z0COiHhZ4LEAEg9PnGJWCRhJOF_BegAffrpu0DyAEGqQKCnxr7QrezPuACAKgDAcgDCqoExAJP0CnnFLD99l-KL3YwcdXc-FfQQ5oGiSOkMZ6RImYOw59nMVO---LQtsgdQawI8GyYgRhI7s8wpFXllPIe-vNemcpBgH3zeftgJHQcTm7Pip6CFjuApeBY-_ClaQv_Yq3p0socwRPRyoIgUzITInqo_3qH6I-y1DiMxQkBXONtVioyzqXL6Koq9IflU2hkQrFv2jR6vMooIalst4dIp-VbfsWZHIyjWJKomqmj-klKHBZdLcWrvbtXeKa4U31KkaVbc7SO_IIsGIw4kcQiHK42xyRbC6fPmBZEQE6jmd-c5EMcsitr_U3o_lLZT48fI0oAoxaUHquSYkx66w8uNOtctH42kihTovn0dNdZQFtroygGSKUPIS4Iyr_WSw70-r5-qv6-aZzLPmgA5cAUwi5n4iTK9Uk5wUHzmztdUFkDvYgYuKXABPLHjMu0AeAEAZIFBAgEGAGSBQQIBRgEoAY3gAfxk9kSqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEPCHBtIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDc3NjA2MzE1ODI0MjU4OIAKA8gLAbIMFHB1Yi02Mzk2ODQ0NzQyNDk3MjA4wgwCCAHYEwuIFBE&sigh=UpcfqCwiGVY&template_id=492&tpd=AGWhJmuagOJXO_ImYVoJ00KJls1P-oOH49NZs1QtqJnB9G7ZKQ
Requested by: Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 28687274 Show response
g.ezoic.net/dac/ 0
17 B 69ms
62ms XHR
text/plain 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/dac/28687274
Requested by: Host: securityonline.info
URL: https://securityonline.info/porpoiseant/banger.js?cb=191-2&bv=90&v=35&PageSpeed=off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:42 GMT
server: nginx/1.16.0
status: 200
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=3600, public
content-length: 0

GET
H2 200 army.gif
securityonline.info/porpoiseant/ 43 B
77 B 65ms
59ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDcyMDE5IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1sYXJnZS1iaWxsYm9hcmQtMi0wIiwidF9lcG9jaCI6MTYwMzk2ODMzNSwiYWRfcG9zaXRpb24iOjExMDIsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiYmNlMDBmNjktYjlmNi00ODMxLTc3YTktYmYzZWE2YWZkNWQ2IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU1MywiZGF0YSI6W3sibmFtZSI6InJlZnJlc2hfY291bnQiLCJ2YWwiOiI2In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI0NzIwMTkiLCJkb21haW5faWQiOiIxMjQ1MzMiLCJ1bml0IjoiZGl2LWdwdC1hZC1zZWN1cml0eW9ubGluZV9pbmZvLWxhcmdlLWJpbGxib2FyZC0yLTAiLCJ0X2Vwb2NoIjoxNjAzOTY4MzM1LCJhZF9wb3NpdGlvbiI6MTEwMiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiJiY2UwMGY2OS1iOWY2LTQ4MzEtNzdhOS1iZjNlYTZhZmQ1ZDYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTUzLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2JpZF9oYXNoIiwidmFsIjoiMTRlOGE4NWQ0YzQyZmYxZGI4NzkwY2JlZjllMzM0OTMifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjQ3MjAxOSIsImRvbWFpbl9pZCI6IjEyNDUzMyIsInVuaXQiOiJkaXYtZ3B0LWFkLXNlY3VyaXR5b25saW5lX2luZm8tbGFyZ2UtYmlsbGJvYXJkLTItMCIsInRfZXBvY2giOjE2MDM5NjgzMzUsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDEyLCJhZF9wb3NpdGlvbiI6MTEwMiwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwMTIsImJpZF9mbG9vcl9wcmV2IjowLjAwMDUsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiTkwiLCJwYWdldmlld19pZCI6ImJjZTAwZjY5LWI5ZjYtNDgzMS03N2E5LWJmM2VhNmFmZDVkNiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTMsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI0NzIwMTkiLCJkb21haW5faWQiOiIxMjQ1MzMiLCJ1bml0IjoiZGl2LWdwdC1hZC1zZWN1cml0eW9ubGluZV9pbmZvLWxhcmdlLWJpbGxib2FyZC0yLTAiLCJ0X2Vwb2NoIjoxNjAzOTY4MzM1LCJhZF9wb3NpdGlvbiI6MTEwMiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiJiY2UwMGY2OS1iOWY2LTQ4MzEtNzdhOS1iZjNlYTZhZmQ1ZDYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTUzLCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgzMTAwNDM1NTMifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjQ3MjAxOSIsImRvbWFpbl9pZCI6IjEyNDUzMyIsInVuaXQiOiJkaXYtZ3B0LWFkLXNlY3VyaXR5b25saW5lX2luZm8tbGFyZ2UtYmlsbGJvYXJkLTItMCIsInRfZXBvY2giOjE2MDM5NjgzMzUsImFkX3Bvc2l0aW9uIjoxMTAyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiTkwiLCJwYWdldmlld19pZCI6ImJjZTAwZjY5LWI5ZjYtNDgzMS03N2E5LWJmM2VhNmFmZDVkNiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTMsImRhdGEiOlt7Im5hbWUiOiJsaW5laXRlbV9pZCIsInZhbCI6IjI4Njg3Mjc0In1dLCJpc19vcmlnIjpmYWxzZX1d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:42 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:41 UTC

GET
H2 200 army.gif
securityonline.info/porpoiseant/ 43 B
77 B 67ms
60ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDcyMDE5IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1sYXJnZS1iaWxsYm9hcmQtMi0wIiwidF9lcG9jaCI6MTYwMzk2ODMzNSwiYWRfcG9zaXRpb24iOjExMDIsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiYmNlMDBmNjktYjlmNi00ODMxLTc3YTktYmYzZWE2YWZkNWQ2IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU1MywiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjAtMTAtMjkifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIxMSJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiI0In0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii02MCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:42 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:42 UTC

GET
H2 200 army.gif
securityonline.info/porpoiseant/ 43 B
77 B 62ms
56ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNDcyMDE5IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1sYXJnZS1iaWxsYm9hcmQtMi0wIiwidF9lcG9jaCI6MTYwMzk2ODMzNSwiYXVjdGlvbl9lcG9jaCI6MTYwMzk2ODM0MiwiYWRfcG9zaXRpb24iOjExMDIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiJiY2UwMGY2OS1iOWY2LTQ4MzEtNzdhOS1iZjNlYTZhZmQ1ZDYiLCJiaWRfZmxvb3JfaW5pdGlhbCI6OTAwLCJiaWRfZmxvb3JfcHJldiI6NTAsImJpZF9mbG9vcl9maWxsZWQiOjEyLCJhdWN0aW9uX2NvdW50Ijo2LCJyZWZyZXNoX2FkX2NvdW50IjowLCJhdWN0aW9uX2R1cmF0aW9uIjoyNDQsIm11bHRpX2FkX3VuaXQiOjAsIm11bHRpX2FkX2NvdW50Ijo0LCJuZXR3b3JrX2NvZGUiOjEyNTQxNDQsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV0sImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzR9XQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:42 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:42 UTC

GET
H2 200 28687274 Show response
g.ezoic.net/dac/ 0
17 B 83ms
71ms XHR
text/plain 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/dac/28687274
Requested by: Host: securityonline.info
URL: https://securityonline.info/porpoiseant/banger.js?cb=191-2&bv=90&v=35&PageSpeed=off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:42 GMT
server: nginx/1.16.0
status: 200
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=3600, public
content-length: 0

GET
H2 200 army.gif
securityonline.info/porpoiseant/ 43 B
77 B 82ms
72ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDcyMDE5IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1sYXJnZS1iaWxsYm9hcmQtMi0wXzEiLCJ0X2Vwb2NoIjoxNjAzOTY4MzM1LCJhZF9wb3NpdGlvbiI6MTEwMiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiJiY2UwMGY2OS1iOWY2LTQ4MzEtNzdhOS1iZjNlYTZhZmQ1ZDYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTUzLCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjYifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjQ3MjAxOSIsImRvbWFpbl9pZCI6IjEyNDUzMyIsInVuaXQiOiJkaXYtZ3B0LWFkLXNlY3VyaXR5b25saW5lX2luZm8tbGFyZ2UtYmlsbGJvYXJkLTItMF8xIiwidF9lcG9jaCI6MTYwMzk2ODMzNSwiYWRfcG9zaXRpb24iOjExMDIsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiYmNlMDBmNjktYjlmNi00ODMxLTc3YTktYmYzZWE2YWZkNWQ2IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU1MywiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9iaWRfaGFzaCIsInZhbCI6IjE0ZThhODVkNGM0MmZmMWRiODc5MGNiZWY5ZTMzNDkzIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI0NzIwMTkiLCJkb21haW5faWQiOiIxMjQ1MzMiLCJ1bml0IjoiZGl2LWdwdC1hZC1zZWN1cml0eW9ubGluZV9pbmZvLWxhcmdlLWJpbGxib2FyZC0yLTBfMSIsInRfZXBvY2giOjE2MDM5NjgzMzUsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDEyLCJhZF9wb3NpdGlvbiI6MTEwMiwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwMTIsImJpZF9mbG9vcl9wcmV2IjowLjAwMDUsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiTkwiLCJwYWdldmlld19pZCI6ImJjZTAwZjY5LWI5ZjYtNDgzMS03N2E5LWJmM2VhNmFmZDVkNiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTMsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI0NzIwMTkiLCJkb21haW5faWQiOiIxMjQ1MzMiLCJ1bml0IjoiZGl2LWdwdC1hZC1zZWN1cml0eW9ubGluZV9pbmZvLWxhcmdlLWJpbGxib2FyZC0yLTBfMSIsInRfZXBvY2giOjE2MDM5NjgzMzUsImFkX3Bvc2l0aW9uIjoxMTAyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiTkwiLCJwYWdldmlld19pZCI6ImJjZTAwZjY5LWI5ZjYtNDgzMS03N2E5LWJmM2VhNmFmZDVkNiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTMsImRhdGEiOlt7Im5hbWUiOiJjcmVhdGl2ZV9pZCIsInZhbCI6IjEzODMxMDAzNDUxNiJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDcyMDE5IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1sYXJnZS1iaWxsYm9hcmQtMi0wXzEiLCJ0X2Vwb2NoIjoxNjAzOTY4MzM1LCJhZF9wb3NpdGlvbiI6MTEwMiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiJiY2UwMGY2OS1iOWY2LTQ4MzEtNzdhOS1iZjNlYTZhZmQ1ZDYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTUzLCJkYXRhIjpbeyJuYW1lIjoibGluZWl0ZW1faWQiLCJ2YWwiOiIyODY4NzI3NCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:42 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:42 UTC

GET
H2 200 army.gif
securityonline.info/porpoiseant/ 43 B
77 B 81ms
71ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDcyMDE5IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1sYXJnZS1iaWxsYm9hcmQtMi0wXzEiLCJ0X2Vwb2NoIjoxNjAzOTY4MzM1LCJhZF9wb3NpdGlvbiI6MTEwMiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiJiY2UwMGY2OS1iOWY2LTQ4MzEtNzdhOS1iZjNlYTZhZmQ1ZDYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTUzLCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyMC0xMC0yOSJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjExIn0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjQifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiLTYwIn1dLCJpc19vcmlnIjpmYWxzZX1d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:42 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:42 UTC

GET
H2 200 army.gif
securityonline.info/porpoiseant/ 43 B
77 B 81ms
72ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNDcyMDE5IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1sYXJnZS1iaWxsYm9hcmQtMi0wXzEiLCJ0X2Vwb2NoIjoxNjAzOTY4MzM1LCJhdWN0aW9uX2Vwb2NoIjoxNjAzOTY4MzQyLCJhZF9wb3NpdGlvbiI6MTEwMiwiY291bnRyeV9jb2RlIjoiTkwiLCJwYWdldmlld19pZCI6ImJjZTAwZjY5LWI5ZjYtNDgzMS03N2E5LWJmM2VhNmFmZDVkNiIsImJpZF9mbG9vcl9pbml0aWFsIjo5MDAsImJpZF9mbG9vcl9wcmV2Ijo1MCwiYmlkX2Zsb29yX2ZpbGxlZCI6MTIsImF1Y3Rpb25fY291bnQiOjYsInJlZnJlc2hfYWRfY291bnQiOjAsImF1Y3Rpb25fZHVyYXRpb24iOjMwMSwibXVsdGlfYWRfdW5pdCI6MSwibXVsdGlfYWRfY291bnQiOjQsIm5ldHdvcmtfY29kZSI6MTI1NDE0NCwiZGF0YSI6W3sibmFtZSI6IiIsInZhbCI6IiJ9XSwibGluZV9pdGVtX2lkIjoyODY4NzI3NH1d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:42 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:42 UTC

GET
H3-Q050 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012010200130000/ Frame B535 204 KB
56 KB 11ms
6ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2206501c5a898123871431da1a1ff12bcaf46194db997e6c9237296d9859daa

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3395
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56832
x-xss-protection: 0
server: sffe
date: Thu, 29 Oct 2020 09:49:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fc56d6feccb35077"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Oct 2021 09:49:07 GMT

GET
H3-Q050 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012010200130000/v0/ Frame B535 14 KB
5 KB 13ms
8ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010200130000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4653687f2f0571ecaf6723d7743f92edf52159c03a8181763cb73031ad8a64bf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3406
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5337
x-xss-protection: 0
server: sffe
date: Thu, 29 Oct 2020 09:48:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "daa4412bcb5a8fd6"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Oct 2021 09:48:56 GMT

GET
H3-Q050 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012010200130000/v0/ Frame B535 96 KB
29 KB 15ms
10ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010200130000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c799c0a055898234d3692565188b828d2d41b3056cf5bbd2584e729968829b72

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3405
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29527
x-xss-protection: 0
server: sffe
date: Thu, 29 Oct 2020 09:48:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f91dfcaf1b61c8c5"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Oct 2021 09:48:57 GMT

GET
H3-Q050 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012010200130000/v0/ Frame B535 4 KB
2 KB 16ms
10ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010200130000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5c41077aafced98067ed5bad36d0518235b45963f432237d11d8b89c8d00873

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3393
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1792
x-xss-protection: 0
server: sffe
date: Thu, 29 Oct 2020 09:49:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "2c1d882225e4ba30"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Oct 2021 09:49:09 GMT

GET
H3-Q050 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012010200130000/v0/ Frame B535 45 KB
14 KB 15ms
11ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010200130000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d8865bb32d3ba618981090df05f9de09607c1f65764a7434016926de0a8fbcd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3393
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14145
x-xss-protection: 0
server: sffe
date: Thu, 29 Oct 2020 09:49:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "88dc985411e715a7"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Oct 2021 09:49:09 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame B535 5 KB
687 B 18ms
14ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&lang=nl

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4a7b4babd8d76af2ddc0840bda733cd5a0b409895bb74d5302ff1155c9b32bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 29 Oct 2020 10:22:21 GMT
server: ESF
date: Thu, 29 Oct 2020 10:45:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Oct 2020 10:45:42 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame B535 5 KB
687 B 19ms
15ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&text=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4a7b4babd8d76af2ddc0840bda733cd5a0b409895bb74d5302ff1155c9b32bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 29 Oct 2020 08:57:00 GMT
server: ESF
date: Thu, 29 Oct 2020 10:45:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Oct 2020 10:45:42 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/4587926283715543718/ Frame B535 53 KB
53 KB 12ms
8ms Image
image/jpeg 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25384bd5a9a54280df7ac740f87266a288913b6cd6201d020418083c1c0b635e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 04:55:35 GMT
x-content-type-options: nosniff
last-modified: Thu, 21 Mar 2019 12:47:39 GMT
server: sffe
age: 21007
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53864
x-xss-protection: 0
expires: Fri, 29 Oct 2021 04:55:35 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B535 2 KB
2 KB 15ms
11ms Image
image/png 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Oct 2020 23:34:24 GMT
x-content-type-options: nosniff
server: cafe
age: 40278
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 29 Oct 2020 23:34:24 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B535 295 B
319 B 15ms
11ms Image
image/png 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Oct 2020 21:53:21 GMT
x-content-type-options: nosniff
server: cafe
age: 46341
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 29 Oct 2020 21:53:21 GMT

GET
DATA 200
OK truncated
/ Frame B535 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e4fb61a8681d8a65da7f97300fa84e75d65c4d19962aa24c3b0c0b8eb28d584

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame B535 0
0 36ms
33ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CL8w2Vp2aX43tE_7H7_UPvKuAqASC_9L-XOvqu8z0COiHhZ4LEAEg9PnGJWCRhJOF_BegAffrpu0DyAEGqQKCnxr7QrezPuACAKgDAcgDCqoExAJP0BpWknmOxplkUYgrM4HJaD2lA7MelsfINtxGbvFoyzktpqB4LcLizwVYZ8J63DNd59C_-L1T_QsYXvnVOgT7-A9bz-_m41dq92B_-PD-fYgpnsWQ0eaCo8mlUkclcP2cCX6dlHB6_cjNwPSCV-kVpQ2ZjFdO5johcd9wq93p9YT06oXL1yPwOxLEHlh6rE5IgBHtv_-OaEF9iBw3kGE3lTG3GcPH2F6L0LxcFpUQJrvETe0uBqrTOj_IQsVDGNTUOOLXfIOLNg1p9XkBMksC_QNi72uK_QGViyjFM-ZNyRqzFESbAFfgOLAyHWwuKKfb8uJbPdraW9OI_tRPEh2oHX5bqOice-eNg6OaKY0DzR0Ibt6NympbtQx4JiJAZaqa8GI4-ny7M86xjZoYZn-1YXEhtjpIvJ5sZY4-DvG3w7O7-oPABPLHjMu0AeAEAZIFBAgEGAGSBQQIBRgEoAY3gAfxk9kSqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEP3CBdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDc3NjA2MzE1ODI0MjU4OIAKA8gLAbIMFHB1Yi02Mzk2ODQ0NzQyNDk3MjA4wgwCCAHYEwuIFBE&sigh=4McDuQglBpc&template_id=492&tpd=AGWhJmtXtTlYHH-bzedafBHG_MyjGm7GJFg8HmPS5KzpOIoz0Q
Requested by: Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame B535 0
0 17ms
14ms Image
text/html 2a00:1450:4001:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTzP0dz0JHa7CUiUxefk7HU-Nihtw0cAQ10kDsCFYTejiAkcJ1T6ljl1t6AcJqF91wyrJWaXaWrGs1Je802FXlXsWWPDw
Requested by: Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 army.gif
securityonline.info/porpoiseant/ 43 B
77 B 23ms
22ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDY1NDE2IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1tZWRyZWN0YW5nbGUtMy0wIiwidF9lcG9jaCI6MTYwMzk2ODMzNSwiYWRfcG9zaXRpb24iOjExMTIsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiYmNlMDBmNjktYjlmNi00ODMxLTc3YTktYmYzZWE2YWZkNWQ2IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk4OCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9zaXplIiwidmFsIjoiWzg4MCw0MDBdIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI0NjU0MTYiLCJkb21haW5faWQiOiIxMjQ1MzMiLCJ1bml0IjoiZGl2LWdwdC1hZC1zZWN1cml0eW9ubGluZV9pbmZvLW1lZHJlY3RhbmdsZS0zLTAiLCJ0X2Vwb2NoIjoxNjAzOTY4MzM1LCJhZF9wb3NpdGlvbiI6MTExMiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiJiY2UwMGY2OS1iOWY2LTQ4MzEtNzdhOS1iZjNlYTZhZmQ1ZDYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwNDE2OTg4LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2ZsdWlkIiwidmFsIjoidHJ1ZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:42 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:42 UTC

GET
H2 200 28687274 Show response
g.ezoic.net/dac/ 0
17 B 68ms
66ms XHR
text/plain 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/dac/28687274
Requested by: Host: securityonline.info
URL: https://securityonline.info/porpoiseant/banger.js?cb=191-2&bv=90&v=35&PageSpeed=off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:42 GMT
server: nginx/1.16.0
status: 200
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=3600, public
content-length: 0

GET
H2 200 army.gif
securityonline.info/porpoiseant/ 43 B
77 B 65ms
64ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDcyMDE5IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1sYXJnZS1iaWxsYm9hcmQtMi0wXzIiLCJ0X2Vwb2NoIjoxNjAzOTY4MzM1LCJhZF9wb3NpdGlvbiI6MTEwMiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiJiY2UwMGY2OS1iOWY2LTQ4MzEtNzdhOS1iZjNlYTZhZmQ1ZDYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTUzLCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjYifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjQ3MjAxOSIsImRvbWFpbl9pZCI6IjEyNDUzMyIsInVuaXQiOiJkaXYtZ3B0LWFkLXNlY3VyaXR5b25saW5lX2luZm8tbGFyZ2UtYmlsbGJvYXJkLTItMF8yIiwidF9lcG9jaCI6MTYwMzk2ODMzNSwiYWRfcG9zaXRpb24iOjExMDIsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiYmNlMDBmNjktYjlmNi00ODMxLTc3YTktYmYzZWE2YWZkNWQ2IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU1MywiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9iaWRfaGFzaCIsInZhbCI6IjE0ZThhODVkNGM0MmZmMWRiODc5MGNiZWY5ZTMzNDkzIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI0NzIwMTkiLCJkb21haW5faWQiOiIxMjQ1MzMiLCJ1bml0IjoiZGl2LWdwdC1hZC1zZWN1cml0eW9ubGluZV9pbmZvLWxhcmdlLWJpbGxib2FyZC0yLTBfMiIsInRfZXBvY2giOjE2MDM5NjgzMzUsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDEyLCJhZF9wb3NpdGlvbiI6MTEwMiwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwMTIsImJpZF9mbG9vcl9wcmV2IjowLjAwMDUsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiTkwiLCJwYWdldmlld19pZCI6ImJjZTAwZjY5LWI5ZjYtNDgzMS03N2E5LWJmM2VhNmFmZDVkNiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTMsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI0NzIwMTkiLCJkb21haW5faWQiOiIxMjQ1MzMiLCJ1bml0IjoiZGl2LWdwdC1hZC1zZWN1cml0eW9ubGluZV9pbmZvLWxhcmdlLWJpbGxib2FyZC0yLTBfMiIsInRfZXBvY2giOjE2MDM5NjgzMzUsImFkX3Bvc2l0aW9uIjoxMTAyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiTkwiLCJwYWdldmlld19pZCI6ImJjZTAwZjY5LWI5ZjYtNDgzMS03N2E5LWJmM2VhNmFmZDVkNiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTMsImRhdGEiOlt7Im5hbWUiOiJjcmVhdGl2ZV9pZCIsInZhbCI6IjEzODMxMDA0MzUxNyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDcyMDE5IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1sYXJnZS1iaWxsYm9hcmQtMi0wXzIiLCJ0X2Vwb2NoIjoxNjAzOTY4MzM1LCJhZF9wb3NpdGlvbiI6MTEwMiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiJiY2UwMGY2OS1iOWY2LTQ4MzEtNzdhOS1iZjNlYTZhZmQ1ZDYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTUzLCJkYXRhIjpbeyJuYW1lIjoibGluZWl0ZW1faWQiLCJ2YWwiOiIyODY4NzI3NCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:42 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:42 UTC

GET
H2 200 army.gif
securityonline.info/porpoiseant/ 43 B
77 B 64ms
63ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDcyMDE5IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1sYXJnZS1iaWxsYm9hcmQtMi0wXzIiLCJ0X2Vwb2NoIjoxNjAzOTY4MzM1LCJhZF9wb3NpdGlvbiI6MTEwMiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiJiY2UwMGY2OS1iOWY2LTQ4MzEtNzdhOS1iZjNlYTZhZmQ1ZDYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTUzLCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyMC0xMC0yOSJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjExIn0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjQifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiLTYwIn1dLCJpc19vcmlnIjpmYWxzZX1d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:42 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:42 UTC

GET
H2 200 army.gif
securityonline.info/porpoiseant/ 43 B
77 B 65ms
64ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNDcyMDE5IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1sYXJnZS1iaWxsYm9hcmQtMi0wXzIiLCJ0X2Vwb2NoIjoxNjAzOTY4MzM1LCJhdWN0aW9uX2Vwb2NoIjoxNjAzOTY4MzQzLCJhZF9wb3NpdGlvbiI6MTEwMiwiY291bnRyeV9jb2RlIjoiTkwiLCJwYWdldmlld19pZCI6ImJjZTAwZjY5LWI5ZjYtNDgzMS03N2E5LWJmM2VhNmFmZDVkNiIsImJpZF9mbG9vcl9pbml0aWFsIjo5MDAsImJpZF9mbG9vcl9wcmV2Ijo1MCwiYmlkX2Zsb29yX2ZpbGxlZCI6MTIsImF1Y3Rpb25fY291bnQiOjYsInJlZnJlc2hfYWRfY291bnQiOjAsImF1Y3Rpb25fZHVyYXRpb24iOjM4NiwibXVsdGlfYWRfdW5pdCI6MiwibXVsdGlfYWRfY291bnQiOjQsIm5ldHdvcmtfY29kZSI6MTI1NDE0NCwiZGF0YSI6W3sibmFtZSI6IiIsInZhbCI6IiJ9XSwibGluZV9pdGVtX2lkIjoyODY4NzI3NH1d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:42 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:42 UTC

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 4173 11 KB
11 KB 78ms
19ms Font
font/woff2 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=nl

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://securityonline.info
Referer: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=nl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 11:20:33 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 84309
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Thu, 28 Oct 2021 11:20:33 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 4173 11 KB
11 KB 78ms
20ms Font
font/woff2 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=nl

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://securityonline.info
Referer: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=nl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 11:20:33 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 84309
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Thu, 28 Oct 2021 11:20:33 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 47 KB
11 KB 270ms
269ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=2388579282213795&output=ldjh&impl=fif&adsid=NT&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=1&rcs=6&prev_scp=iid5%3D440969%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1107%26sap%3D1107%26a%3D%257C252%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D7%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dsecurityonline_info-box-1-440969%26eb_br%3D8de355ef1cf56b7da61277050d9957b1%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D19%26bvm%3D0%26bvr%3D9%26shp%3D3%26acptad%3D1%26ft%3D1%26br1%3D18%26br2%3D450%26ezoic%3D1%26nmau%3D4%26mau%3D2%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C20%2C17%2C20%2C17%2C19%2C20%2C17%2C18%2C19%2C20%26ax_ssid%3D10082%26lb%3D50%26reqt%3D1603968342789&eri=1&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a%3AT%3D1603968336%3AS%3DALNI_MbOHLmSbr3ZFBpTq2_R3at5QnhSrQ&bc=31&abxe=1&lmt=1603968342&dt=1603968342791&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=1181&adys=1107&adks=3926214249&ucis=1v&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,FF6600|color_text,,000000|color_url,,FF6600&ifi=68&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=105&icsg=3433723243003906&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x271&msz=302x264&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_wpids=UA-124345349-20&fws=4&ohw=302&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

986839aa49d1e09aa75cc5aef8e5d9d449c08ca70ea32293a26e592a68937c84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11600
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 55 KB
12 KB 264ms
263ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=136486499501772&output=ldjh&impl=fif&adsid=NT&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-large-mobile-banner-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C320x50%7C468x60%7C970x90%7C234x60&fluid=height&ris=1&rcs=6&prev_scp=iid5%3D460618%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1105%26sap%3D1105%26a%3D%257C6%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D7%26at%3Dbf%26adr%3D399%26ezosn%3D12%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D704%26al%3D1704%26compid%3D0%26tap%3Dsecurityonline_info-large-mobile-banner-1-460618%26eb_br%3D60474211daf1dfd4d90000ea01f56c30%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D28%26bvm%3D2%26bvr%3D5%26shp%3D1%26ft%3D1%26br1%3D0%26br2%3D550%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C20%2C17%2C18%2C19%2C20%26ax_ssid%3D10082%26lb%3D280%26reqt%3D1603968342794%26ss38%3D1%26ss9%3D1&eri=1&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a%3AT%3D1603968336%3AS%3DALNI_MbOHLmSbr3ZFBpTq2_R3at5QnhSrQ&bc=31&abxe=1&lmt=1603968342&dt=1603968342796&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=141&adys=4308&adks=3089213337&ucis=1w&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,858585|color_text,,000000|color_url,,F0F0F0&ifi=69&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=105&icsg=3433723243003906&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=980x98&msz=982x92&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_wpids=UA-124345349-20&fws=4&ohw=982&btvi=38&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

03ac41f81ed8d2d48d7b4d3db01d85c6cb5e970e6981bcfafac3e1e0629d0e8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12145
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 46 KB
11 KB 258ms
258ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=2820396723215334&output=ldjh&impl=fif&adsid=NT&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=1&rcs=6&prev_scp=iid5%3D440969%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1107%26sap%3D1107%26a%3D%257C124%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D7%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dsecurityonline_info-box-1-440969%26eb_br%3D8de355ef1cf56b7da61277050d9957b1%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D19%26bvm%3D0%26bvr%3D9%26shp%3D3%26acptad%3D1%26ft%3D1%26br1%3D18%26br2%3D450%26ezoic%3D1%26nmau%3D4%26mau%3D3%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C20%2C17%2C20%2C17%2C19%2C20%2C17%2C18%2C19%2C20%26ax_ssid%3D10082%26lb%3D50%26reqt%3D1603968342799&eri=1&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a%3AT%3D1603968336%3AS%3DALNI_MbOHLmSbr3ZFBpTq2_R3at5QnhSrQ&bc=31&abxe=1&lmt=1603968342&dt=1603968342801&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=1181&adys=1380&adks=2680230968&ucis=1x&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,FF0000|color_text,,000000|color_url,,FF0000&ifi=70&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=105&icsg=3433723243003906&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x271&msz=302x264&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_wpids=UA-124345349-20&fws=4&ohw=302&btvi=39&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

89e29e767edac3d1081c783ad04d99d011496b03a96cc57b6adc89f30bbaea8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11491
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
9 KB 369ms
368ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=1758624396541742&output=ldjh&impl=fif&adsid=NT&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=1&rcs=6&prev_scp=iid5%3D440969%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1107%26sap%3D1107%26a%3D%257C1%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D7%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dsecurityonline_info-box-1-440969%26eb_br%3D8de355ef1cf56b7da61277050d9957b1%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D19%26bvm%3D0%26bvr%3D9%26shp%3D3%26acptad%3D1%26ft%3D1%26br1%3D18%26br2%3D450%26ezoic%3D1%26nmau%3D4%26mau%3D1%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C20%2C17%2C20%2C17%2C19%2C20%2C17%2C18%2C19%2C20%26ax_ssid%3D10082%26lb%3D50%26reqt%3D1603968342806&eri=1&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a%3AT%3D1603968336%3AS%3DALNI_MbOHLmSbr3ZFBpTq2_R3at5QnhSrQ&bc=31&abxe=1&lmt=1603968342&dt=1603968342808&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=1181&adys=834&adks=520180478&ucis=1y&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,1a0dab|color_text,,545454|color_url,,006621&ifi=71&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=105&icsg=3433723243003906&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x271&msz=302x264&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_wpids=UA-124345349-20&fws=4&ohw=302&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

fed8cd9057a795295001577ae9849f21049c79cfc6801afbca0156338d22ae31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8826
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame B535 11 KB
11 KB 43ms
42ms Font
font/woff2 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=nl

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://securityonline.info
Referer: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=nl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 11:20:33 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 84309
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Thu, 28 Oct 2021 11:20:33 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame B535 11 KB
11 KB 43ms
43ms Font
font/woff2 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=nl

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://securityonline.info
Referer: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=nl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 11:20:33 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 84309
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Thu, 28 Oct 2021 11:20:33 GMT

GET
H3-Q050 200 18313529663406378898
tpc.googlesyndication.com/simgad/ Frame 87AC 23 KB
23 KB 10ms
9ms Image
image/gif 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18313529663406378898

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

311f2c72fedf5fdc7ea954c0f3463b9aa4877c96804e367771d823dd6f4e8030

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 23:10:28 GMT
x-content-type-options: nosniff
age: 41714
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23315
x-xss-protection: 0
last-modified: Wed, 31 Jul 2019 13:51:59 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Oct 2021 23:10:28 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 87AC 2 KB
2 KB 44ms
43ms Image
image/png 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Oct 2020 23:34:24 GMT
x-content-type-options: nosniff
server: cafe
age: 40278
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 29 Oct 2020 23:34:24 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 87AC 295 B
319 B 44ms
42ms Image
image/png 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Oct 2020 21:53:21 GMT
x-content-type-options: nosniff
server: cafe
age: 46341
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 29 Oct 2020 21:53:21 GMT

GET
H3-Q050 200 18313529663406378898
tpc.googlesyndication.com/simgad/ Frame 673E 23 KB
23 KB 43ms
42ms Image
image/gif 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18313529663406378898

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

311f2c72fedf5fdc7ea954c0f3463b9aa4877c96804e367771d823dd6f4e8030

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 23:10:28 GMT
x-content-type-options: nosniff
age: 41714
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23315
x-xss-protection: 0
last-modified: Wed, 31 Jul 2019 13:51:59 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Oct 2021 23:10:28 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 673E 2 KB
2 KB 43ms
42ms Image
image/png 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Oct 2020 23:34:24 GMT
x-content-type-options: nosniff
server: cafe
age: 40278
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 29 Oct 2020 23:34:24 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 673E 295 B
319 B 43ms
43ms Image
image/png 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Oct 2020 21:53:21 GMT
x-content-type-options: nosniff
server: cafe
age: 46341
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 29 Oct 2020 21:53:21 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 96 KB
28 KB 286ms
285ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2079961931876282&correlator=3041772124179855&output=ldjh&impl=fif&adsid=NT&eid=21068385%2C21067447%2C21067753%2C21068100%2C44730556&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201029&iu_parts=1254144%2Csecurityonline_info-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&ris=1&rcs=6&prev_scp=iid5%3D474568%26t%3D134%26d%3D124533%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26a%3D%257C3%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D7%26at%3Dmbf%26adr%3D399%26ezosn%3D10%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dsecurityonline_info-medrectangle-2-474568%26eb_br%3Dad0061a38dd7c6f7bcb692aee88dfda4%26eba%3D1%26ebss%3D10017%2C10082%2C10061%26asau%3D5229371956%26bv%3D3%26bvm%3D0%26bvr%3D8%26shp%3D1%26ft%3D1%26br1%3D14%26br2%3D550%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D78%252C13%252C140%252C27%252C46%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C20%2C17%2C20%2C17%2C19%2C20%2C17%2C18%2C19%2C20%26ax_ssid%3D10082%26hb_bidder%3Dix%26hb_adid%3D109d2adc83985e1f%26hb_pb%3D0.00%26hb_format%3Dbanner%26hb_ssid%3D10082%26lb%3D48%26reqt%3D1603968343070&eri=1&cust_params=pwtuid%3D%257B%2522pubcid%2522%253A%2522fe8678a3-6c85-4bba-ac7c-3dc4c2a51315%2522%257D&cookie=ID%3D2e3179b2c1c8a07a%3AT%3D1603968336%3AS%3DALNI_MbOHLmSbr3ZFBpTq2_R3at5QnhSrQ&bc=31&abxe=1&lmt=1603968343&dt=1603968343072&dlt=1603968335912&idt=698&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=1102&adks=3873167905&ucis=1z&sps=channel,,3327506388|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,0000FF|color_text,,000000|color_url,,828282&ifi=72&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecurityonline.info%2Fprintspoofer-abusing-impersonation-privileges-on-windows-10-server-2019%2F&dssz=105&icsg=3433723243003906&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x-1&msz=970x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=617932340.1603968336&ga_sid=1603968336&ga_hid=968709528&ga_wpids=UA-124345349-20&fws=512&ohw=0&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

63812d2342fa516954e2143a727857e9ac411e0fd21a3417fc4ee4dc05b80700

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17230968635973876898/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17230968635973876898/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNPnytrP2ewCFXVW5QodP8MCRQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/17230968635973876898/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17230968635973876898/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17230968635973876898/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNPnytrP2ewCFXVW5QodP8MCRQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/17230968635973876898/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28008
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Thu, 29 Oct 2020 10:45:43 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityonline.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/4587926283715543718/ Frame 4173 53 KB
53 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25384bd5a9a54280df7ac740f87266a288913b6cd6201d020418083c1c0b635e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 04:55:35 GMT
x-content-type-options: nosniff
last-modified: Thu, 21 Mar 2019 12:47:39 GMT
server: sffe
age: 21008
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53864
x-xss-protection: 0
expires: Fri, 29 Oct 2021 04:55:35 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4173 2 KB
2 KB 8ms
7ms Image
image/png 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Oct 2020 23:34:24 GMT
x-content-type-options: nosniff
server: cafe
age: 40279
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 29 Oct 2020 23:34:24 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4173 295 B
325 B 8ms
7ms Image
image/png 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Oct 2020 21:53:21 GMT
x-content-type-options: nosniff
server: cafe
age: 46342
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 29 Oct 2020 21:53:21 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/4587926283715543718/ Frame B535 53 KB
53 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25384bd5a9a54280df7ac740f87266a288913b6cd6201d020418083c1c0b635e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 04:55:35 GMT
x-content-type-options: nosniff
last-modified: Thu, 21 Mar 2019 12:47:39 GMT
server: sffe
age: 21008
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53864
x-xss-protection: 0
expires: Fri, 29 Oct 2021 04:55:35 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B535 2 KB
2 KB 9ms
8ms Image
image/png 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Oct 2020 23:34:24 GMT
x-content-type-options: nosniff
server: cafe
age: 40279
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 29 Oct 2020 23:34:24 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B535 295 B
320 B 9ms
8ms Image
image/png 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Oct 2020 21:53:21 GMT
x-content-type-options: nosniff
server: cafe
age: 46342
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 29 Oct 2020 21:53:21 GMT

GET
H3-Q050 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012010200130000/ Frame 0C42 204 KB
56 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2206501c5a898123871431da1a1ff12bcaf46194db997e6c9237296d9859daa

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3396
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56832
x-xss-protection: 0
server: sffe
date: Thu, 29 Oct 2020 09:49:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fc56d6feccb35077"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Oct 2021 09:49:07 GMT

GET
H3-Q050 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012010200130000/v0/ Frame 0C42 14 KB
5 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010200130000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4653687f2f0571ecaf6723d7743f92edf52159c03a8181763cb73031ad8a64bf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3407
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5337
x-xss-protection: 0
server: sffe
date: Thu, 29 Oct 2020 09:48:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "daa4412bcb5a8fd6"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Oct 2021 09:48:56 GMT

GET
H3-Q050 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012010200130000/v0/ Frame 0C42 96 KB
29 KB 58ms
55ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010200130000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c799c0a055898234d3692565188b828d2d41b3056cf5bbd2584e729968829b72

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3406
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29527
x-xss-protection: 0
server: sffe
date: Thu, 29 Oct 2020 09:48:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f91dfcaf1b61c8c5"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Oct 2021 09:48:57 GMT

GET
H3-Q050 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012010200130000/v0/ Frame 0C42 4 KB
2 KB 59ms
56ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010200130000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5c41077aafced98067ed5bad36d0518235b45963f432237d11d8b89c8d00873

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3394
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1792
x-xss-protection: 0
server: sffe
date: Thu, 29 Oct 2020 09:49:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "2c1d882225e4ba30"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Oct 2021 09:49:09 GMT

GET
H3-Q050 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012010200130000/v0/ Frame 0C42 45 KB
14 KB 65ms
63ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010200130000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d8865bb32d3ba618981090df05f9de09607c1f65764a7434016926de0a8fbcd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3394
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14145
x-xss-protection: 0
server: sffe
date: Thu, 29 Oct 2020 09:49:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "88dc985411e715a7"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Oct 2021 09:49:09 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0C42 2 KB
2 KB 9ms
7ms Image
image/png 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Oct 2020 23:34:24 GMT
x-content-type-options: nosniff
server: cafe
age: 40279
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 29 Oct 2020 23:34:24 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0C42 295 B
320 B 10ms
7ms Image
image/png 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Oct 2020 21:53:21 GMT
x-content-type-options: nosniff
server: cafe
age: 46342
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 29 Oct 2020 21:53:21 GMT

GET
DATA 200
OK truncated
/ Frame 0C42 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29bf97a9a41b45645bc0656755c56a99b75422b06915db40782a397e78eff445

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 13278306491379333531
tpc.googlesyndication.com/simgad/ Frame 0C42 20 KB
20 KB 63ms
61ms Image
image/png 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13278306491379333531?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkokwFZLh6xURhhmm68t5yK-_5Mrg

Requested by

Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7766c313a88d86df2ef238701f8f3c807d6f0d5246f282a04c2f588e04f62448

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 11:36:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 15 Apr 2020 23:55:06 GMT
server: sffe
age: 83383
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20731
x-xss-protection: 0
expires: Thu, 28 Oct 2021 11:36:00 GMT

GET
H3-Q050

200

B23768030.267046128;dc_pre=CJi3z9rP2ewCFZ2rdwodt5EIrQ;dc_trk_aid=461813794;dc_trk_cid=106332843;ord=962009389;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/ Frame 0C42
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B23768030.267046128;dc_trk_aid=461813794;dc_trk_cid=106332843;ord=962009389;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B23768030.267046128;dc_pre=CJi3z9rP2ewCFZ2rdwodt5EIrQ;dc_trk_aid=461813794;dc_trk_cid=106332843;ord=962009389;dc_lat=;dc_rdid=;tag_...

42 B
64 B

179ms
98ms

Image
image/gif

172.217.21.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B23768030.267046128;dc_pre=CJi3z9rP2ewCFZ2rdwodt5EIrQ;dc_trk_aid=461813794;dc_trk_cid=106332843;ord=962009389;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?

Requested by

Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Oct 2020 10:45:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 29 Oct 2020 10:45:43 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B23768030.267046128;dc_pre=CJi3z9rP2ewCFZ2rdwodt5EIrQ;dc_trk_aid=461813794;dc_trk_cid=106332843;ord=962009389;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 0C42 0
0 57ms
55ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CmCCNVp2aX5qwNNm07_UPrMmKsAa-ldTzX9jlgoekC6iy6tuPDhABIPT5xiVgkYSThfwXoAHv9Y7bA8gBAuACAKgDAcgDCKoExAJP0EeE5kEmSqrqmzaw-xUxh5x2ysI7hQehVtGIlU6hwVZkkPmwQWJuP_8QZkG4LRyShPq98dAMzMv8TLngJJy8Ao4QdXwS4u7FrMw1DXi4BmWkrDyhsJnQfZy7tUXovcClzcU28bxghJnA6Qp_o7PUNGDybrGUEh5AP3N0IeSKoDyI19-YvjzZ7IopzUD4iDKxy9Y0ihjpBVcKEjbbOnBY30LugDJQFE4iNtB7ASlJtnocHWTqsPlcPtlSnas7AstopOJRCP8-F8lmz6lDhX65m29s1r4FFBpyFg_RvSPu2edpfk8O13ono10OzkybRvbhHWr9Bkmh1zVV96AniJBE3ZV7SP7xfaMs-Gqjr1n7a4AV_pMCwB70F3Y9-4VbuLliJzvtjxIAB8MQKhD-D7ed6M5KOp8b_bW7CT7BJPkRqI6V8NXABPn__tm5AuAEAZIFBAgEGAGSBQQIBRgEoAYCgAeetpspqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEOj4BNIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDc3NjA2MzE1ODI0MjU4OIAKA8gLAbIMFHB1Yi02Mzk2ODQ0NzQyNDk3MjA4wgwCCAHYEww&sigh=-vL-1-a-sWs&tpd=AGWhJmtNnVN4L7sfyzLEBqKYp_mO6hJBxEo89kq4Vym-E_TGoA
Requested by: Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012010200130000/ Frame 16C1 204 KB
56 KB 12ms
6ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2206501c5a898123871431da1a1ff12bcaf46194db997e6c9237296d9859daa

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3396
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56832
x-xss-protection: 0
server: sffe
date: Thu, 29 Oct 2020 09:49:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fc56d6feccb35077"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Oct 2021 09:49:07 GMT

GET
H3-Q050 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012010200130000/v0/ Frame 16C1 14 KB
5 KB 13ms
8ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010200130000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4653687f2f0571ecaf6723d7743f92edf52159c03a8181763cb73031ad8a64bf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3407
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5337
x-xss-protection: 0
server: sffe
date: Thu, 29 Oct 2020 09:48:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "daa4412bcb5a8fd6"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Oct 2021 09:48:56 GMT

GET
H3-Q050 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012010200130000/v0/ Frame 16C1 96 KB
29 KB 16ms
10ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010200130000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c799c0a055898234d3692565188b828d2d41b3056cf5bbd2584e729968829b72

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3406
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29527
x-xss-protection: 0
server: sffe
date: Thu, 29 Oct 2020 09:48:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f91dfcaf1b61c8c5"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Oct 2021 09:48:57 GMT

GET
H3-Q050 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012010200130000/v0/ Frame 16C1 4 KB
2 KB 16ms
11ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010200130000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5c41077aafced98067ed5bad36d0518235b45963f432237d11d8b89c8d00873

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3394
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1792
x-xss-protection: 0
server: sffe
date: Thu, 29 Oct 2020 09:49:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "2c1d882225e4ba30"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Oct 2021 09:49:09 GMT

GET
H3-Q050 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012010200130000/v0/ Frame 16C1 45 KB
14 KB 17ms
11ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010200130000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d8865bb32d3ba618981090df05f9de09607c1f65764a7434016926de0a8fbcd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3394
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14145
x-xss-protection: 0
server: sffe
date: Thu, 29 Oct 2020 09:49:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "88dc985411e715a7"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Oct 2021 09:49:09 GMT

GET
H3-Q050 200 13278306491379333531
tpc.googlesyndication.com/simgad/ Frame 16C1 20 KB
20 KB 13ms
8ms Image
image/png 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13278306491379333531?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkokwFZLh6xURhhmm68t5yK-_5Mrg

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7766c313a88d86df2ef238701f8f3c807d6f0d5246f282a04c2f588e04f62448

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 11:36:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 15 Apr 2020 23:55:06 GMT
server: sffe
age: 83383
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20731
x-xss-protection: 0
expires: Thu, 28 Oct 2021 11:36:00 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 16C1 2 KB
3 KB 13ms
8ms Image
image/png 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Oct 2020 23:34:24 GMT
x-content-type-options: nosniff
server: cafe
age: 40279
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 29 Oct 2020 23:34:24 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 16C1 295 B
383 B 13ms
8ms Image
image/png 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Oct 2020 21:53:21 GMT
x-content-type-options: nosniff
server: cafe
age: 46342
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 29 Oct 2020 21:53:21 GMT

GET
DATA 200
OK truncated
/ Frame 16C1 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9a2768ff3d410424a31df51b3f1fd088c572a3461ee9d5f3f52465f70a38109c

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 16C1 0
0 20ms
15ms Image
text/html 2a00:1450:4001:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSHkSAk42CwEREOjrHsUVUvFXp2X3D6FiZ8QE4khj05-EsxIrClDhMB3MXcmXr6n73CMJ9gkHoPuCT05qZ0T5kUwNZUmA
Requested by: Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050

200

B23768030.267046128;dc_pre=CIa7z9rP2ewCFeFQ5QodZb8CSg;dc_trk_aid=461813794;dc_trk_cid=106332843;ord=396746923;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/ Frame 16C1
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B23768030.267046128;dc_trk_aid=461813794;dc_trk_cid=106332843;ord=396746923;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B23768030.267046128;dc_pre=CIa7z9rP2ewCFeFQ5QodZb8CSg;dc_trk_aid=461813794;dc_trk_cid=106332843;ord=396746923;dc_lat=;dc_rdid=;tag_...

42 B
504 B

178ms
99ms

Image
image/gif

172.217.21.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B23768030.267046128;dc_pre=CIa7z9rP2ewCFeFQ5QodZb8CSg;dc_trk_aid=461813794;dc_trk_cid=106332843;ord=396746923;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?

Requested by

Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Oct 2020 10:45:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 29 Oct 2020 10:45:43 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B23768030.267046128;dc_pre=CIa7z9rP2ewCFeFQ5QodZb8CSg;dc_trk_aid=461813794;dc_trk_cid=106332843;ord=396746923;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 16C1 0
0 38ms
31ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cdb-XVp2aX8rkM8HO7_UP86aGQL6V1PNf2OWCh6QLqLLq248OEAEg9PnGJWCRhJOF_BegAe_1jtsDyAEC4AIAqAMByAMIqgTFAk_QsFywVw8iVSUA8ZJ-kWH93cGtBl-aMwYpjbT8Aht6NqT-PvtGGE7Zxe1aT6QmqvIkPBidOXhbg4Z3vERBFB-zESWZVED7SsjfLlnO_2qzDp3YbBR77vi_vzcqZz50E4qrwXLR847r-J2p-x2NnhZ2a3WNbucPq5Y0I8V1XqLpJjD8QeKIFqcIEcnGW8nwCBR3TSn3m3r82u1tCk5Ccc9AbCAkmtFeBO-3NrOyJqhSl3jeo6ot0XghPq_EzSqP-xXufNaCfGNHHl6aXv_Pu_JQcfBhlVVO5RO8XpTIGwXtUISFg8aZdfbEXxWxD4yALVDuiKr4dBFTmihDerYG4glimj4wq-LrQKOY23FUGqg3XezB3v0x9TUCdllmMxO2269LISiGlsuzN_NspGN4okTXvuD-aGTRK2jAsZwZTmZAG5R7ReHABPn__tm5AuAEAZIFBAgEGAGSBQQIBRgEoAYCgAeetpspqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEOj4BNIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDc3NjA2MzE1ODI0MjU4OIAKA8gLAbIMFHB1Yi02Mzk2ODQ0NzQyNDk3MjA4wgwCCAHYEww&sigh=4WUHkPYCzT4&tpd=AGWhJmtd18aPnrKcRvBvcSPAL4iV9mRmcscL4kSFKNtJmuxoRw
Requested by: Host: securityonline.info
URL: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 28687274 Show response
g.ezoic.net/dac/ 0
40 B 73ms
72ms XHR
text/plain 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/dac/28687274
Requested by: Host: securityonline.info
URL: https://securityonline.info/porpoiseant/banger.js?cb=191-2&bv=90&v=35&PageSpeed=off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:43 GMT
server: nginx/1.16.0
status: 200
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=3600, public
content-length: 0

GET
H2 200 army.gif
securityonline.info/porpoiseant/ 43 B
123 B 71ms
70ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDQwOTY5IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1ib3gtMS0wXzMiLCJ0X2Vwb2NoIjoxNjAzOTY4MzM1LCJhZF9wb3NpdGlvbiI6MTEwNywiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiJiY2UwMGY2OS1iOWY2LTQ4MzEtNzdhOS1iZjNlYTZhZmQ1ZDYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTE2LCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjcifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjQ0MDk2OSIsImRvbWFpbl9pZCI6IjEyNDUzMyIsInVuaXQiOiJkaXYtZ3B0LWFkLXNlY3VyaXR5b25saW5lX2luZm8tYm94LTEtMF8zIiwidF9lcG9jaCI6MTYwMzk2ODMzNSwiYWRfcG9zaXRpb24iOjExMDcsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiYmNlMDBmNjktYjlmNi00ODMxLTc3YTktYmYzZWE2YWZkNWQ2IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDUxNiwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9iaWRfaGFzaCIsInZhbCI6IjhkZTM1NWVmMWNmNTZiN2RhNjEyNzcwNTBkOTk1N2IxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI0NDA5NjkiLCJkb21haW5faWQiOiIxMjQ1MzMiLCJ1bml0IjoiZGl2LWdwdC1hZC1zZWN1cml0eW9ubGluZV9pbmZvLWJveC0xLTBfMyIsInRfZXBvY2giOjE2MDM5NjgzMzUsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDE4LCJhZF9wb3NpdGlvbiI6MTEwNywiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwMTgsImJpZF9mbG9vcl9wcmV2IjowLjAwMDUsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiTkwiLCJwYWdldmlld19pZCI6ImJjZTAwZjY5LWI5ZjYtNDgzMS03N2E5LWJmM2VhNmFmZDVkNiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1MTYsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI0NDA5NjkiLCJkb21haW5faWQiOiIxMjQ1MzMiLCJ1bml0IjoiZGl2LWdwdC1hZC1zZWN1cml0eW9ubGluZV9pbmZvLWJveC0xLTBfMyIsInRfZXBvY2giOjE2MDM5NjgzMzUsImFkX3Bvc2l0aW9uIjoxMTA3LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiTkwiLCJwYWdldmlld19pZCI6ImJjZTAwZjY5LWI5ZjYtNDgzMS03N2E5LWJmM2VhNmFmZDVkNiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1MTYsImRhdGEiOlt7Im5hbWUiOiJjcmVhdGl2ZV9pZCIsInZhbCI6IjEzODMxMDAzNDUwNyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDQwOTY5IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1ib3gtMS0wXzMiLCJ0X2Vwb2NoIjoxNjAzOTY4MzM1LCJhZF9wb3NpdGlvbiI6MTEwNywiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiJiY2UwMGY2OS1iOWY2LTQ4MzEtNzdhOS1iZjNlYTZhZmQ1ZDYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTE2LCJkYXRhIjpbeyJuYW1lIjoibGluZWl0ZW1faWQiLCJ2YWwiOiIyODY4NzI3NCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:43 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:43 UTC

GET
H2 200 army.gif
securityonline.info/porpoiseant/ 43 B
77 B 72ms
71ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDQwOTY5IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1ib3gtMS0wXzMiLCJ0X2Vwb2NoIjoxNjAzOTY4MzM1LCJhZF9wb3NpdGlvbiI6MTEwNywiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiJiY2UwMGY2OS1iOWY2LTQ4MzEtNzdhOS1iZjNlYTZhZmQ1ZDYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTE2LCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyMC0xMC0yOSJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjExIn0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjQifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiLTYwIn1dLCJpc19vcmlnIjpmYWxzZX1d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:43 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:43 UTC

GET
H2 200 army.gif
securityonline.info/porpoiseant/ 43 B
77 B 71ms
70ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNDQwOTY5IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1ib3gtMS0wXzMiLCJ0X2Vwb2NoIjoxNjAzOTY4MzM1LCJhdWN0aW9uX2Vwb2NoIjoxNjAzOTY4MzQzLCJhZF9wb3NpdGlvbiI6MTEwNywiY291bnRyeV9jb2RlIjoiTkwiLCJwYWdldmlld19pZCI6ImJjZTAwZjY5LWI5ZjYtNDgzMS03N2E5LWJmM2VhNmFmZDVkNiIsImJpZF9mbG9vcl9pbml0aWFsIjo5MDAsImJpZF9mbG9vcl9wcmV2Ijo1MCwiYmlkX2Zsb29yX2ZpbGxlZCI6MTgsImF1Y3Rpb25fY291bnQiOjcsInJlZnJlc2hfYWRfY291bnQiOjAsImF1Y3Rpb25fZHVyYXRpb24iOjMwMSwibXVsdGlfYWRfdW5pdCI6MywibXVsdGlfYWRfY291bnQiOjQsIm5ldHdvcmtfY29kZSI6MTI1NDE0NCwiZGF0YSI6W3sibmFtZSI6IiIsInZhbCI6IiJ9XSwibGluZV9pdGVtX2lkIjoyODY4NzI3NH1d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:43 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:43 UTC

GET
H2 200 28687274 Show response
g.ezoic.net/dac/ 0
17 B 66ms
64ms XHR
text/plain 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/dac/28687274
Requested by: Host: securityonline.info
URL: https://securityonline.info/porpoiseant/banger.js?cb=191-2&bv=90&v=35&PageSpeed=off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:43 GMT
server: nginx/1.16.0
status: 200
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=3600, public
content-length: 0

GET
H2 200 army.gif
securityonline.info/porpoiseant/ 43 B
77 B 64ms
63ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDQwOTY5IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1ib3gtMS0wXzIiLCJ0X2Vwb2NoIjoxNjAzOTY4MzM1LCJhZF9wb3NpdGlvbiI6MTEwNywiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiJiY2UwMGY2OS1iOWY2LTQ4MzEtNzdhOS1iZjNlYTZhZmQ1ZDYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTE2LCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjcifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjQ0MDk2OSIsImRvbWFpbl9pZCI6IjEyNDUzMyIsInVuaXQiOiJkaXYtZ3B0LWFkLXNlY3VyaXR5b25saW5lX2luZm8tYm94LTEtMF8yIiwidF9lcG9jaCI6MTYwMzk2ODMzNSwiYWRfcG9zaXRpb24iOjExMDcsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiYmNlMDBmNjktYjlmNi00ODMxLTc3YTktYmYzZWE2YWZkNWQ2IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDUxNiwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9iaWRfaGFzaCIsInZhbCI6IjhkZTM1NWVmMWNmNTZiN2RhNjEyNzcwNTBkOTk1N2IxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI0NDA5NjkiLCJkb21haW5faWQiOiIxMjQ1MzMiLCJ1bml0IjoiZGl2LWdwdC1hZC1zZWN1cml0eW9ubGluZV9pbmZvLWJveC0xLTBfMiIsInRfZXBvY2giOjE2MDM5NjgzMzUsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDE4LCJhZF9wb3NpdGlvbiI6MTEwNywiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwMTgsImJpZF9mbG9vcl9wcmV2IjowLjAwMDUsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiTkwiLCJwYWdldmlld19pZCI6ImJjZTAwZjY5LWI5ZjYtNDgzMS03N2E5LWJmM2VhNmFmZDVkNiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1MTYsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI0NDA5NjkiLCJkb21haW5faWQiOiIxMjQ1MzMiLCJ1bml0IjoiZGl2LWdwdC1hZC1zZWN1cml0eW9ubGluZV9pbmZvLWJveC0xLTBfMiIsInRfZXBvY2giOjE2MDM5NjgzMzUsImFkX3Bvc2l0aW9uIjoxMTA3LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiTkwiLCJwYWdldmlld19pZCI6ImJjZTAwZjY5LWI5ZjYtNDgzMS03N2E5LWJmM2VhNmFmZDVkNiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1MTYsImRhdGEiOlt7Im5hbWUiOiJjcmVhdGl2ZV9pZCIsInZhbCI6IjEzODMxMDAzNDUwNyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDQwOTY5IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1ib3gtMS0wXzIiLCJ0X2Vwb2NoIjoxNjAzOTY4MzM1LCJhZF9wb3NpdGlvbiI6MTEwNywiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiJiY2UwMGY2OS1iOWY2LTQ4MzEtNzdhOS1iZjNlYTZhZmQ1ZDYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTE2LCJkYXRhIjpbeyJuYW1lIjoibGluZWl0ZW1faWQiLCJ2YWwiOiIyODY4NzI3NCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:43 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:43 UTC

GET
H2 200 army.gif
securityonline.info/porpoiseant/ 43 B
77 B 64ms
63ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDQwOTY5IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1ib3gtMS0wXzIiLCJ0X2Vwb2NoIjoxNjAzOTY4MzM1LCJhZF9wb3NpdGlvbiI6MTEwNywiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiJiY2UwMGY2OS1iOWY2LTQ4MzEtNzdhOS1iZjNlYTZhZmQ1ZDYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTE2LCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyMC0xMC0yOSJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjExIn0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjQifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiLTYwIn1dLCJpc19vcmlnIjpmYWxzZX1d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:43 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:43 UTC

GET
H2 200 army.gif
securityonline.info/porpoiseant/ 43 B
77 B 64ms
63ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNDQwOTY5IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1ib3gtMS0wXzIiLCJ0X2Vwb2NoIjoxNjAzOTY4MzM1LCJhdWN0aW9uX2Vwb2NoIjoxNjAzOTY4MzQzLCJhZF9wb3NpdGlvbiI6MTEwNywiY291bnRyeV9jb2RlIjoiTkwiLCJwYWdldmlld19pZCI6ImJjZTAwZjY5LWI5ZjYtNDgzMS03N2E5LWJmM2VhNmFmZDVkNiIsImJpZF9mbG9vcl9pbml0aWFsIjo5MDAsImJpZF9mbG9vcl9wcmV2Ijo1MCwiYmlkX2Zsb29yX2ZpbGxlZCI6MTgsImF1Y3Rpb25fY291bnQiOjcsInJlZnJlc2hfYWRfY291bnQiOjAsImF1Y3Rpb25fZHVyYXRpb24iOjM3MSwibXVsdGlfYWRfdW5pdCI6MiwibXVsdGlfYWRfY291bnQiOjQsIm5ldHdvcmtfY29kZSI6MTI1NDE0NCwiZGF0YSI6W3sibmFtZSI6IiIsInZhbCI6IiJ9XSwibGluZV9pdGVtX2lkIjoyODY4NzI3NH1d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:43 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:43 UTC

GET
H2 200 container.html
f0879daebb30551979ff6acc5c1ecf72.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 5348 0
0 6ms
6ms Document
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f0879daebb30551979ff6acc5c1ecf72.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: f0879daebb30551979ff6acc5c1ecf72.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Thu, 29 Oct 2020 10:45:36 GMT
expires: Fri, 29 Oct 2021 10:45:36 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 7
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 28687274 Show response
g.ezoic.net/dac/ 0
17 B 104ms
28ms XHR
text/plain 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/dac/28687274
Requested by: Host: securityonline.info
URL: https://securityonline.info/porpoiseant/banger.js?cb=191-2&bv=90&v=35&PageSpeed=off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:43 GMT
server: nginx/1.16.0
status: 200
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=3600, public
content-length: 0

GET
H2 200 army.gif
securityonline.info/porpoiseant/ 43 B
77 B 101ms
22ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDQwOTY5IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1ib3gtMS0wXzEiLCJ0X2Vwb2NoIjoxNjAzOTY4MzM1LCJhZF9wb3NpdGlvbiI6MTEwNywiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiJiY2UwMGY2OS1iOWY2LTQ4MzEtNzdhOS1iZjNlYTZhZmQ1ZDYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTE2LCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjcifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjQ0MDk2OSIsImRvbWFpbl9pZCI6IjEyNDUzMyIsInVuaXQiOiJkaXYtZ3B0LWFkLXNlY3VyaXR5b25saW5lX2luZm8tYm94LTEtMF8xIiwidF9lcG9jaCI6MTYwMzk2ODMzNSwiYWRfcG9zaXRpb24iOjExMDcsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiYmNlMDBmNjktYjlmNi00ODMxLTc3YTktYmYzZWE2YWZkNWQ2IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDUxNiwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9iaWRfaGFzaCIsInZhbCI6IjhkZTM1NWVmMWNmNTZiN2RhNjEyNzcwNTBkOTk1N2IxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI0NDA5NjkiLCJkb21haW5faWQiOiIxMjQ1MzMiLCJ1bml0IjoiZGl2LWdwdC1hZC1zZWN1cml0eW9ubGluZV9pbmZvLWJveC0xLTBfMSIsInRfZXBvY2giOjE2MDM5NjgzMzUsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDE4LCJhZF9wb3NpdGlvbiI6MTEwNywiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwMTgsImJpZF9mbG9vcl9wcmV2IjowLjAwMDUsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiTkwiLCJwYWdldmlld19pZCI6ImJjZTAwZjY5LWI5ZjYtNDgzMS03N2E5LWJmM2VhNmFmZDVkNiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1MTYsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI0NDA5NjkiLCJkb21haW5faWQiOiIxMjQ1MzMiLCJ1bml0IjoiZGl2LWdwdC1hZC1zZWN1cml0eW9ubGluZV9pbmZvLWJveC0xLTBfMSIsInRfZXBvY2giOjE2MDM5NjgzMzUsImFkX3Bvc2l0aW9uIjoxMTA3LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiTkwiLCJwYWdldmlld19pZCI6ImJjZTAwZjY5LWI5ZjYtNDgzMS03N2E5LWJmM2VhNmFmZDVkNiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1MTYsImRhdGEiOlt7Im5hbWUiOiJjcmVhdGl2ZV9pZCIsInZhbCI6IjEzODMxMDA0MzU0NyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDQwOTY5IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1ib3gtMS0wXzEiLCJ0X2Vwb2NoIjoxNjAzOTY4MzM1LCJhZF9wb3NpdGlvbiI6MTEwNywiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiJiY2UwMGY2OS1iOWY2LTQ4MzEtNzdhOS1iZjNlYTZhZmQ1ZDYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTE2LCJkYXRhIjpbeyJuYW1lIjoibGluZWl0ZW1faWQiLCJ2YWwiOiIyODY4NzI3NCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:43 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:43 UTC

GET
H2 200 army.gif
securityonline.info/porpoiseant/ 43 B
77 B 100ms
21ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDQwOTY5IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1ib3gtMS0wXzEiLCJ0X2Vwb2NoIjoxNjAzOTY4MzM1LCJhZF9wb3NpdGlvbiI6MTEwNywiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiJiY2UwMGY2OS1iOWY2LTQ4MzEtNzdhOS1iZjNlYTZhZmQ1ZDYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTE2LCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyMC0xMC0yOSJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjExIn0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjQifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiLTYwIn1dLCJpc19vcmlnIjpmYWxzZX1d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:43 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:43 UTC

GET
H2 200 army.gif
securityonline.info/porpoiseant/ 43 B
77 B 31ms
22ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNDQwOTY5IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1ib3gtMS0wXzEiLCJ0X2Vwb2NoIjoxNjAzOTY4MzM1LCJhdWN0aW9uX2Vwb2NoIjoxNjAzOTY4MzQzLCJhZF9wb3NpdGlvbiI6MTEwNywiY291bnRyeV9jb2RlIjoiTkwiLCJwYWdldmlld19pZCI6ImJjZTAwZjY5LWI5ZjYtNDgzMS03N2E5LWJmM2VhNmFmZDVkNiIsImJpZF9mbG9vcl9pbml0aWFsIjo5MDAsImJpZF9mbG9vcl9wcmV2Ijo1MCwiYmlkX2Zsb29yX2ZpbGxlZCI6MTgsImF1Y3Rpb25fY291bnQiOjcsInJlZnJlc2hfYWRfY291bnQiOjAsImF1Y3Rpb25fZHVyYXRpb24iOjQ1NywibXVsdGlfYWRfdW5pdCI6MSwibXVsdGlfYWRfY291bnQiOjQsIm5ldHdvcmtfY29kZSI6MTI1NDE0NCwiZGF0YSI6W3sibmFtZSI6IiIsInZhbCI6IiJ9XSwibGluZV9pdGVtX2lkIjoyODY4NzI3NH1d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:43 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:43 UTC

GET
H3-Q050 200 container.html
f0879daebb30551979ff6acc5c1ecf72.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 04C6 0
0 96ms
78ms Document
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f0879daebb30551979ff6acc5c1ecf72.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: f0879daebb30551979ff6acc5c1ecf72.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Thu, 29 Oct 2020 10:45:36 GMT
expires: Fri, 29 Oct 2021 10:45:36 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 7
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 28687274 Show response
g.ezoic.net/dac/ 0
17 B 97ms
93ms XHR
text/plain 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/dac/28687274
Requested by: Host: securityonline.info
URL: https://securityonline.info/porpoiseant/banger.js?cb=191-2&bv=90&v=35&PageSpeed=off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:43 GMT
server: nginx/1.16.0
status: 200
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=3600, public
content-length: 0

GET
H2 200 army.gif
securityonline.info/porpoiseant/ 43 B
77 B 94ms
91ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDc0NTY4IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYwMzk2ODMzNSwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiYmNlMDBmNjktYjlmNi00ODMxLTc3YTktYmYzZWE2YWZkNWQ2IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDUwNywiZGF0YSI6W3sibmFtZSI6InJlZnJlc2hfY291bnQiLCJ2YWwiOiI3In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI0NzQ1NjgiLCJkb21haW5faWQiOiIxMjQ1MzMiLCJ1bml0IjoiZGl2LWdwdC1hZC1zZWN1cml0eW9ubGluZV9pbmZvLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjAzOTY4MzM1LCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiJiY2UwMGY2OS1iOWY2LTQ4MzEtNzdhOS1iZjNlYTZhZmQ1ZDYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTA3LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2JpZF9oYXNoIiwidmFsIjoiYWQwMDYxYTM4ZGQ3YzZmN2JjYjY5MmFlZTg4ZGZkYTQifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjQ3NDU2OCIsImRvbWFpbl9pZCI6IjEyNDUzMyIsInVuaXQiOiJkaXYtZ3B0LWFkLXNlY3VyaXR5b25saW5lX2luZm8tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MDM5NjgzMzUsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDE0LCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwMTQsImJpZF9mbG9vcl9wcmV2IjowLjAwMDQ4LCJzdGF0X3NvdXJjZV9pZCI6MzUsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiJiY2UwMGY2OS1iOWY2LTQ4MzEtNzdhOS1iZjNlYTZhZmQ1ZDYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTA3LCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDc0NTY4IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYwMzk2ODMzNSwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiYmNlMDBmNjktYjlmNi00ODMxLTc3YTktYmYzZWE2YWZkNWQ2IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDUwNywiZGF0YSI6W3sibmFtZSI6ImNyZWF0aXZlX2lkIiwidmFsIjoiMTM4MzEwMDM0NTA3In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI0NzQ1NjgiLCJkb21haW5faWQiOiIxMjQ1MzMiLCJ1bml0IjoiZGl2LWdwdC1hZC1zZWN1cml0eW9ubGluZV9pbmZvLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjAzOTY4MzM1LCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiJiY2UwMGY2OS1iOWY2LTQ4MzEtNzdhOS1iZjNlYTZhZmQ1ZDYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTA3LCJkYXRhIjpbeyJuYW1lIjoibGluZWl0ZW1faWQiLCJ2YWwiOiIyODY4NzI3NCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:43 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:43 UTC

GET
H2 200 army.gif
securityonline.info/porpoiseant/ 43 B
77 B 95ms
92ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDc0NTY4IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYwMzk2ODMzNSwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiYmNlMDBmNjktYjlmNi00ODMxLTc3YTktYmYzZWE2YWZkNWQ2IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDUwNywiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjAtMTAtMjkifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIxMSJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiI0In0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii02MCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:43 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:43 UTC

GET
H2 200 army.gif
securityonline.info/porpoiseant/ 43 B
77 B 94ms
92ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNDc0NTY4IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYwMzk2ODMzNSwiYXVjdGlvbl9lcG9jaCI6MTYwMzk2ODM0MywiYWRfcG9zaXRpb24iOjExMDAsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiJiY2UwMGY2OS1iOWY2LTQ4MzEtNzdhOS1iZjNlYTZhZmQ1ZDYiLCJiaWRfZmxvb3JfaW5pdGlhbCI6MTEwMCwiYmlkX2Zsb29yX3ByZXYiOjQ4LCJiaWRfZmxvb3JfZmlsbGVkIjoxNCwiYXVjdGlvbl9jb3VudCI6NywicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6NDIzLCJtdWx0aV9hZF91bml0IjowLCJtdWx0aV9hZF9jb3VudCI6MCwibmV0d29ya19jb2RlIjoxMjU0MTQ0LCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0fV0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:43 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:43 UTC

GET
H2 200 army.gif
securityonline.info/porpoiseant/ 43 B
77 B 97ms
96ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDcyMDE5IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1sYXJnZS1iaWxsYm9hcmQtMi0wXzMiLCJ0X2Vwb2NoIjoxNjAzOTY4MzM1LCJhZF9wb3NpdGlvbiI6MTEwMiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiJiY2UwMGY2OS1iOWY2LTQ4MzEtNzdhOS1iZjNlYTZhZmQ1ZDYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTUzLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbMzAwLDI1MF0ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjQ3MjAxOSIsImRvbWFpbl9pZCI6IjEyNDUzMyIsInVuaXQiOiJkaXYtZ3B0LWFkLXNlY3VyaXR5b25saW5lX2luZm8tbGFyZ2UtYmlsbGJvYXJkLTItMF8zIiwidF9lcG9jaCI6MTYwMzk2ODMzNSwiYWRfcG9zaXRpb24iOjExMDIsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiYmNlMDBmNjktYjlmNi00ODMxLTc3YTktYmYzZWE2YWZkNWQ2IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU1MywiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI0NzIwMTkiLCJkb21haW5faWQiOiIxMjQ1MzMiLCJ1bml0IjoiZGl2LWdwdC1hZC1zZWN1cml0eW9ubGluZV9pbmZvLWxhcmdlLWJpbGxib2FyZC0yLTBfMyIsInRfZXBvY2giOjE2MDM5NjgzMzUsImFkX3Bvc2l0aW9uIjoxMTAyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiTkwiLCJwYWdldmlld19pZCI6ImJjZTAwZjY5LWI5ZjYtNDgzMS03N2E5LWJmM2VhNmFmZDVkNiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTMsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiNzgifV0sImlzX29yaWciOmZhbHNlfV0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:43 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:43 UTC

GET
H2 200 army.gif
securityonline.info/porpoiseant/ 43 B
100 B 29ms
23ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDQwOTY5IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1ib3gtMS0wIiwidF9lcG9jaCI6MTYwMzk2ODMzNSwiYWRfcG9zaXRpb24iOjExMDcsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiYmNlMDBmNjktYjlmNi00ODMxLTc3YTktYmYzZWE2YWZkNWQ2IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDUxNiwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9zaXplIiwidmFsIjoiWzMwMCwyNTBdIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI0NDA5NjkiLCJkb21haW5faWQiOiIxMjQ1MzMiLCJ1bml0IjoiZGl2LWdwdC1hZC1zZWN1cml0eW9ubGluZV9pbmZvLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjAzOTY4MzM1LCJhZF9wb3NpdGlvbiI6MTEwNywiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiJiY2UwMGY2OS1iOWY2LTQ4MzEtNzdhOS1iZjNlYTZhZmQ1ZDYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTE2LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2ZsdWlkIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjQ0MDk2OSIsImRvbWFpbl9pZCI6IjEyNDUzMyIsInVuaXQiOiJkaXYtZ3B0LWFkLXNlY3VyaXR5b25saW5lX2luZm8tYm94LTEtMCIsInRfZXBvY2giOjE2MDM5NjgzMzUsImFkX3Bvc2l0aW9uIjoxMTA3LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiTkwiLCJwYWdldmlld19pZCI6ImJjZTAwZjY5LWI5ZjYtNDgzMS03N2E5LWJmM2VhNmFmZDVkNiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1MTYsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiNzgifV0sImlzX29yaWciOmZhbHNlfV0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:43 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:44 UTC

GET
H2 200 army.gif
securityonline.info/porpoiseant/ 43 B
77 B 26ms
24ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDcyMDE5IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1sYXJnZS1iaWxsYm9hcmQtMi0wIiwidF9lcG9jaCI6MTYwMzk2ODMzNSwiYWRfcG9zaXRpb24iOjExMDIsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiYmNlMDBmNjktYjlmNi00ODMxLTc3YTktYmYzZWE2YWZkNWQ2IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU1MywiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9zaXplIiwidmFsIjoiWzMwMCwyNTBdIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI0NzIwMTkiLCJkb21haW5faWQiOiIxMjQ1MzMiLCJ1bml0IjoiZGl2LWdwdC1hZC1zZWN1cml0eW9ubGluZV9pbmZvLWxhcmdlLWJpbGxib2FyZC0yLTAiLCJ0X2Vwb2NoIjoxNjAzOTY4MzM1LCJhZF9wb3NpdGlvbiI6MTEwMiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiJiY2UwMGY2OS1iOWY2LTQ4MzEtNzdhOS1iZjNlYTZhZmQ1ZDYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTUzLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2ZsdWlkIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjQ3MjAxOSIsImRvbWFpbl9pZCI6IjEyNDUzMyIsInVuaXQiOiJkaXYtZ3B0LWFkLXNlY3VyaXR5b25saW5lX2luZm8tbGFyZ2UtYmlsbGJvYXJkLTItMCIsInRfZXBvY2giOjE2MDM5NjgzMzUsImFkX3Bvc2l0aW9uIjoxMTAyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiTkwiLCJwYWdldmlld19pZCI6ImJjZTAwZjY5LWI5ZjYtNDgzMS03N2E5LWJmM2VhNmFmZDVkNiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTMsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiNzgifV0sImlzX29yaWciOmZhbHNlfV0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:43 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:44 UTC

GET
H2 200 greenoaks.gif
securityonline.info/detroitchicago/ 43 B
77 B 81ms
79ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJiY2UwMGY2OS1iOWY2LTQ4MzEtNzdhOS1iZjNlYTZhZmQ1ZDYiLCJkb21haW5faWQiOiIxMjQ1MzMiLCJ0X2Vwb2NoIjoxNjAzOTY4MzM1LCJkYXRhIjpbeyJuYW1lIjoiZGlzcGxheV9hZF92aWV3cG9ydF9weCIsInZhbCI6IjYxNzgwMCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfdmlld3BvcnRfY291bnQiLCJ2YWwiOiI2In0seyJuYW1lIjoibmF0aXZlX2FkX3ZpZXdwb3J0X3B4IiwidmFsIjoiMCJ9LHsibmFtZSI6Im5hdGl2ZV9hZF92aWV3cG9ydF9jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJkaXNwbGF5X2FkX2RvY19weCIsInZhbCI6IjEzMTQ3MDAifSx7Im5hbWUiOiJkaXNwbGF5X2FkX2RvY19jb3VudCIsInZhbCI6IjEzIn0seyJuYW1lIjoibmF0aXZlX2FkX2RvY19weCIsInZhbCI6IjAifSx7Im5hbWUiOiJuYXRpdmVfYWRfZG9jX2NvdW50IiwidmFsIjoiMCJ9LHsibmFtZSI6InZpZXdwb3J0X3NpemUiLCJ2YWwiOiIxNjAweDEyMDAifSx7Im5hbWUiOiJ2aWV3cG9ydF9weCIsInZhbCI6IjE5MjAwMDAifSx7Im5hbWUiOiJkb2NfcHgiLCJ2YWwiOiI3NjYyNDAwIn0seyJuYW1lIjoiZG9jX2hlaWdodCIsInZhbCI6IjQ3ODkifV19XQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:43 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:44 UTC

GET
H2 200 army.gif
securityonline.info/porpoiseant/ 43 B
100 B 24ms
22ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDcyMDE5IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1sYXJnZS1iaWxsYm9hcmQtMi0wXzEiLCJ0X2Vwb2NoIjoxNjAzOTY4MzM1LCJhZF9wb3NpdGlvbiI6MTEwMiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiJiY2UwMGY2OS1iOWY2LTQ4MzEtNzdhOS1iZjNlYTZhZmQ1ZDYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTUzLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbMzAwLDI2Ml0ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjQ3MjAxOSIsImRvbWFpbl9pZCI6IjEyNDUzMyIsInVuaXQiOiJkaXYtZ3B0LWFkLXNlY3VyaXR5b25saW5lX2luZm8tbGFyZ2UtYmlsbGJvYXJkLTItMF8xIiwidF9lcG9jaCI6MTYwMzk2ODMzNSwiYWRfcG9zaXRpb24iOjExMDIsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiYmNlMDBmNjktYjlmNi00ODMxLTc3YTktYmYzZWE2YWZkNWQ2IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU1MywiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6InRydWUifV0sImlzX29yaWciOmZhbHNlfV0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:44 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:44 UTC

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 87AC 42 B
176 B 65ms
64ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvQmgshA-rsZFiGOIMeF0p0PrcaJmpvxE6-hdg5fZu66XGHZbg4is3Tpa4XiV2YML9JNq6aYwVLmCCafzCmgBY0XKbxgz_FjSMl5YLGRxIQkJiH98HqfILovn-zoQ&sai=AMfl-YTgjIfOFQ8fXBe1XXmYG3zWMaAQMuxhFri2bMHglnsNMLtbRmmsPYJO3f9Y-rjSvgHEfSPrubqj1QsTuaohK8TclJRD71yAZCM1X8xzpivDmDD1U97S7HYZUxo&sig=Cg0ArKJSzJx1KSVfPIAMEAE&cid=CAASF-RogH-aSDxYnEbSXSrhIxxYxMMpOfi6&id=ampim&o=1181,561&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1004&mtos=0,0,1004,1004,1004&tos=0,0,1004,0,0&tfs=419&tls=1423&g=100&h=100&tt=1423&r=v&avms=ampa&adk=4286431424

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityonline.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Oct 2020 10:45:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 army.gif
securityonline.info/porpoiseant/ 43 B
77 B 63ms
62ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDQwOTY5IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1ib3gtMS0wIiwidF9lcG9jaCI6MTYwMzk2ODMzNSwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxMTA3LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiYmNlMDBmNjktYjlmNi00ODMxLTc3YTktYmYzZWE2YWZkNWQ2IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDUxNiwiZGF0YSI6W3sibmFtZSI6InZpZXdlZCIsInZhbCI6IjEifV0sImlzX29yaWciOmZhbHNlfV0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:44 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:44 UTC

GET
H2 200 army.gif
securityonline.info/porpoiseant/ 43 B
77 B 25ms
22ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDcyMDE5IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1sYXJnZS1iaWxsYm9hcmQtMi0wXzIiLCJ0X2Vwb2NoIjoxNjAzOTY4MzM1LCJhZF9wb3NpdGlvbiI6MTEwMiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiJiY2UwMGY2OS1iOWY2LTQ4MzEtNzdhOS1iZjNlYTZhZmQ1ZDYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTUzLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbMzAwLDI2Ml0ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjQ3MjAxOSIsImRvbWFpbl9pZCI6IjEyNDUzMyIsInVuaXQiOiJkaXYtZ3B0LWFkLXNlY3VyaXR5b25saW5lX2luZm8tbGFyZ2UtYmlsbGJvYXJkLTItMF8yIiwidF9lcG9jaCI6MTYwMzk2ODMzNSwiYWRfcG9zaXRpb24iOjExMDIsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiYmNlMDBmNjktYjlmNi00ODMxLTc3YTktYmYzZWE2YWZkNWQ2IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU1MywiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6InRydWUifV0sImlzX29yaWciOmZhbHNlfV0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:44 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:44 UTC

GET
H2 200 army.gif
securityonline.info/porpoiseant/ 43 B
77 B 22ms
21ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDQwOTY5IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1ib3gtMS0wXzEiLCJ0X2Vwb2NoIjoxNjAzOTY4MzM1LCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MCwiYWRfcG9zaXRpb24iOjExMDcsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjAsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiJiY2UwMGY2OS1iOWY2LTQ4MzEtNzdhOS1iZjNlYTZhZmQ1ZDYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTE2LCJkYXRhIjpbeyJuYW1lIjoidmlld2VkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:44 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:44 UTC

GET
H2 200 army.gif
securityonline.info/porpoiseant/ 43 B
77 B 23ms
23ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDQwOTY5IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1ib3gtMS0wXzMiLCJ0X2Vwb2NoIjoxNjAzOTY4MzM1LCJhZF9wb3NpdGlvbiI6MTEwNywiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiJiY2UwMGY2OS1iOWY2LTQ4MzEtNzdhOS1iZjNlYTZhZmQ1ZDYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTE2LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbMzAwLDI1MF0ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjQ0MDk2OSIsImRvbWFpbl9pZCI6IjEyNDUzMyIsInVuaXQiOiJkaXYtZ3B0LWFkLXNlY3VyaXR5b25saW5lX2luZm8tYm94LTEtMF8zIiwidF9lcG9jaCI6MTYwMzk2ODMzNSwiYWRfcG9zaXRpb24iOjExMDcsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiYmNlMDBmNjktYjlmNi00ODMxLTc3YTktYmYzZWE2YWZkNWQ2IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDUxNiwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI0NDA5NjkiLCJkb21haW5faWQiOiIxMjQ1MzMiLCJ1bml0IjoiZGl2LWdwdC1hZC1zZWN1cml0eW9ubGluZV9pbmZvLWJveC0xLTBfMyIsInRfZXBvY2giOjE2MDM5NjgzMzUsImFkX3Bvc2l0aW9uIjoxMTA3LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiTkwiLCJwYWdldmlld19pZCI6ImJjZTAwZjY5LWI5ZjYtNDgzMS03N2E5LWJmM2VhNmFmZDVkNiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1MTYsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiNzgifV0sImlzX29yaWciOmZhbHNlfV0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:44 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:44 UTC

GET
H2 200 army.gif
securityonline.info/porpoiseant/ 43 B
77 B 22ms
22ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDQwOTY5IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1ib3gtMS0wXzIiLCJ0X2Vwb2NoIjoxNjAzOTY4MzM1LCJhZF9wb3NpdGlvbiI6MTEwNywiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiJiY2UwMGY2OS1iOWY2LTQ4MzEtNzdhOS1iZjNlYTZhZmQ1ZDYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTE2LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbMzAwLDI1MF0ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjQ0MDk2OSIsImRvbWFpbl9pZCI6IjEyNDUzMyIsInVuaXQiOiJkaXYtZ3B0LWFkLXNlY3VyaXR5b25saW5lX2luZm8tYm94LTEtMF8yIiwidF9lcG9jaCI6MTYwMzk2ODMzNSwiYWRfcG9zaXRpb24iOjExMDcsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiYmNlMDBmNjktYjlmNi00ODMxLTc3YTktYmYzZWE2YWZkNWQ2IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDUxNiwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI0NDA5NjkiLCJkb21haW5faWQiOiIxMjQ1MzMiLCJ1bml0IjoiZGl2LWdwdC1hZC1zZWN1cml0eW9ubGluZV9pbmZvLWJveC0xLTBfMiIsInRfZXBvY2giOjE2MDM5NjgzMzUsImFkX3Bvc2l0aW9uIjoxMTA3LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiTkwiLCJwYWdldmlld19pZCI6ImJjZTAwZjY5LWI5ZjYtNDgzMS03N2E5LWJmM2VhNmFmZDVkNiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1MTYsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiNzgifV0sImlzX29yaWciOmZhbHNlfV0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:44 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:44 UTC

GET
H2 200 army.gif
securityonline.info/porpoiseant/ 43 B
77 B 24ms
23ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDc0NTY4IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYwMzk2ODMzNSwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiYmNlMDBmNjktYjlmNi00ODMxLTc3YTktYmYzZWE2YWZkNWQ2IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDUwNywiZGF0YSI6W3sibmFtZSI6InZpZXdlZCIsInZhbCI6IjEifV0sImlzX29yaWciOmZhbHNlfV0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:44 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:44 UTC

GET
H2 200 army.gif
securityonline.info/porpoiseant/ 43 B
77 B 22ms
22ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDQwOTY5IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1ib3gtMS0wXzEiLCJ0X2Vwb2NoIjoxNjAzOTY4MzM1LCJhZF9wb3NpdGlvbiI6MTEwNywiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiJiY2UwMGY2OS1iOWY2LTQ4MzEtNzdhOS1iZjNlYTZhZmQ1ZDYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTE2LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbMzAwLDI1MF0ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjQ0MDk2OSIsImRvbWFpbl9pZCI6IjEyNDUzMyIsInVuaXQiOiJkaXYtZ3B0LWFkLXNlY3VyaXR5b25saW5lX2luZm8tYm94LTEtMF8xIiwidF9lcG9jaCI6MTYwMzk2ODMzNSwiYWRfcG9zaXRpb24iOjExMDcsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiYmNlMDBmNjktYjlmNi00ODMxLTc3YTktYmYzZWE2YWZkNWQ2IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDUxNiwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI0NDA5NjkiLCJkb21haW5faWQiOiIxMjQ1MzMiLCJ1bml0IjoiZGl2LWdwdC1hZC1zZWN1cml0eW9ubGluZV9pbmZvLWJveC0xLTBfMSIsInRfZXBvY2giOjE2MDM5NjgzMzUsImFkX3Bvc2l0aW9uIjoxMTA3LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiTkwiLCJwYWdldmlld19pZCI6ImJjZTAwZjY5LWI5ZjYtNDgzMS03N2E5LWJmM2VhNmFmZDVkNiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1MTYsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiNzgifV0sImlzX29yaWciOmZhbHNlfV0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:44 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:44 UTC

GET
H2 200 army.gif
securityonline.info/porpoiseant/ 43 B
123 B 22ms
22ms Image
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityonline.info/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDc0NTY4IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYwMzk2ODMzNSwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiYmNlMDBmNjktYjlmNi00ODMxLTc3YTktYmYzZWE2YWZkNWQ2IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDUwNywiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9zaXplIiwidmFsIjoiWzk3MCw5MF0ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjQ3NDU2OCIsImRvbWFpbl9pZCI6IjEyNDUzMyIsInVuaXQiOiJkaXYtZ3B0LWFkLXNlY3VyaXR5b25saW5lX2luZm8tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MDM5NjgzMzUsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiTkwiLCJwYWdldmlld19pZCI6ImJjZTAwZjY5LWI5ZjYtNDgzMS03N2E5LWJmM2VhNmFmZDVkNiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1MDcsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfZmx1aWQiLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDc0NTY4IiwiZG9tYWluX2lkIjoiMTI0NTMzIiwidW5pdCI6ImRpdi1ncHQtYWQtc2VjdXJpdHlvbmxpbmVfaW5mby1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYwMzk2ODMzNSwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiYmNlMDBmNjktYjlmNi00ODMxLTc3YTktYmYzZWE2YWZkNWQ2IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDUwNywiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiIwIn1dLCJpc19vcmlnIjpmYWxzZX1d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:45:45 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 28 Oct 2020 10:45:45 UTC

Verdicts & Comments Add Verdict or Comment

407 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.securityonline.info/	1970-01-19 22:54:24	Name: __gads Value: ID=2e3179b2c1c8a07a-22c5b9715ba60092:T=1603968336:RT=1603968336:S=ALNI_MaIwMT48x2zT8TQg5Pllq6PjckN8Q
.securityonline.info/	1970-01-19 13:35:41	Name: active_template::124533 Value: pub_site.1603968336
securityonline.info/	1970-01-19 22:54:27	Name: cto_bundle Value: ZVuMMV9BTzVPNWZqMm1IZlFRcHZLbTd4Z3pRM0V4VSUyRkRuZXl3UGpLQ1NYJTJGYWhoNkltZHA2d2tRc3M0MTVoQkFNa1cyYjZkd3Rtb0YlMkZnSnZVcENHWVNCSW9UVnBMYVI3aFhsbE9pSGZXcWJDYlo5MXhKZnRIdVpBQmhDc2RBbHdGSktNUg
securityonline.info/	1970-01-19 22:54:27	Name: cto_bidid Value: qiyAUl9wTjFuWHlVT1AyUUpxaFVxMmhSbU9SUFFaU2hyeGFFMmIwTnQwTCUyQk1YeW0lMkJjUHVTYXpSMUF1ZmdXNUdobFp5MUt0b1VSM3ZqJTJGbmJHVTJvM3Vvc3gzQSUzRCUzRA
securityonline.info/	1970-01-19 22:18:24	Name: ezux_lpl_124533 Value: 1603968336795\|bce00f69-b9f6-4831-77a9-bf3ea6afd5d6\|false
.securityonline.info/	1970-01-19 13:32:48	Name: _gat_gtag_UA_63315582_2 Value: 1
.securityonline.info/	1970-01-19 13:34:14	Name: _gid Value: GA1.2.109183952.1603968336
.securityonline.info/	1970-01-20 07:04:00	Name: _ga Value: GA1.2.617932340.1603968336
.doubleclick.net/	1970-01-19 13:32:49	Name: test_cookie Value: CheckForPermission
securityonline.info/	1970-01-22 02:52:00	Name: ezohw Value: w%3D1600%2Ch%3D1200
.securityonline.info/	1970-01-20 07:03:56	Name: ezosuigeneris Value: 9265f108406adcbd80773bd2ee8f6b35
.securityonline.info/	1970-01-19 13:32:48	Name: __utmt_f Value: 1
securityonline.info/	1970-01-22 02:52:00	Name: ezds Value: ffid%3D1%2Cw%3D1600%2Ch%3D1200
.securityonline.info/	1970-01-19 13:32:48	Name: __utmt_e Value: 1
.securityonline.info/	1970-01-19 14:16:00	Name: __cfduid Value: dec7a1b7133887113c33a4bed5f3e168c1603968335
securityonline.info/	1970-01-19 17:52:00	Name: _pubcid Value: fe8678a3-6c85-4bba-ac7c-3dc4c2a51315
.securityonline.info/	1970-01-19 17:55:36	Name: __utmz Value: 264774413.1603968336.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.securityonline.info/	1969-12-31 23:59:59	Name: __utmc Value: 264774413
.securityonline.info/	1970-01-20 07:04:00	Name: __utma Value: 264774413.617932340.1603968336.1603968336.1603968336.1
.securityonline.info/	1970-01-19 13:32:50	Name: __utmb Value: 264774413.2.10.1603968336
.securityonline.info/	1970-01-19 13:32:55	Name: ezoref_124533 Value:
securityonline.info/	1969-12-31 23:59:59	Name: ezouspva Value: 0
securityonline.info/	1969-12-31 23:59:59	Name: ezouspvv Value: 0
.securityonline.info/	1970-01-19 13:32:50	Name: ezovuuid_124533 Value: 5b554baa-3bc0-4ccd-7c94-f16953dbcada
.securityonline.info/	1970-01-19 22:18:24	Name: ezCMPCCS Value: true
.securityonline.info/	1970-01-19 13:32:55	Name: lp_124533 Value: https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
.securityonline.info/	1970-01-19 13:35:41	Name: ezovuuidtime_124533 Value: 1603968335
.securityonline.info/	1970-01-19 13:32:50	Name: ezoab_124533 Value: mod21
.securityonline.info/	1970-01-19 13:32:50	Name: ezovid_124533 Value: 1194554330
.securityonline.info/	1970-01-19 13:32:50	Name: ezoadgid_124533 Value: -1
.securityonline.info/	1970-01-19 13:34:14	Name: ezepvv Value: 0
.securityonline.info/	1970-01-19 13:32:50	Name: ezopvc_124533 Value: 1

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://ads.pubmatic.com/AdServer/js/pwt/156983/3085/pwt.js(Line 1) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.5.1(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api	info	URL: https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.js(Line 416) Message: Powered by AMP ⚡ HTML – Version 2010200130000 https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
console-api	info	URL: https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.js(Line 416) Message: Powered by AMP ⚡ HTML – Version 2010200130000 https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
console-api	info	URL: https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.js(Line 416) Message: Powered by AMP ⚡ HTML – Version 2010200130000 https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
console-api	info	URL: https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.js(Line 416) Message: Powered by AMP ⚡ HTML – Version 2010200130000 https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
console-api	info	URL: https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.js(Line 416) Message: Powered by AMP ⚡ HTML – Version 2010200130000 https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
console-api	info	URL: https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.js(Line 416) Message: Powered by AMP ⚡ HTML – Version 2010200130000 https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
console-api	info	URL: https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.js(Line 416) Message: Powered by AMP ⚡ HTML – Version 2010200130000 https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
console-api	info	URL: https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.js(Line 416) Message: Powered by AMP ⚡ HTML – Version 2010200130000 https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
console-api	info	URL: https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.js(Line 416) Message: Powered by AMP ⚡ HTML – Version 2010200130000 https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/
console-api	info	URL: https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.js(Line 416) Message: Powered by AMP ⚡ HTML – Version 2010200130000 https://securityonline.info/printspoofer-abusing-impersonation-privileges-on-windows-10-server-2019/

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ads.pubmatic.com
adservice.google.com
adservice.google.de
ap.lijit.com
api.pinterest.com
api.rlcdn.com
bidder.criteo.com
cdn-0.securityonline.info
cdn.ampproject.org
cdn.onesignal.com
clients1.google.com
cse.google.com
f0879daebb30551979ff6acc5c1ecf72.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
g.ezoic.net
g2.gumgum.com
go.ezoic.net
googleads.g.doubleclick.net
graph.facebook.com
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
js-sec.indexww.com
match.adsrvr.org
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.quantserve.com
prebid.a-mo.net
rules.quantcount.com
sb.scorecardresearch.com
secure.quantserve.com
securepubads.g.doubleclick.net
securityonline.info
ssl.google-analytics.com
ssum.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
136.144.59.88
151.101.112.84
172.217.21.230
178.250.0.165
178.250.2.146
18.156.95.187
184.31.84.150
185.33.220.145
185.64.189.112
2.19.34.195
216.52.2.48
216.58.212.162
23.210.249.164
23.210.249.92
2600:9000:20d7:a00:6:44e3:f8c0:93a1
2600:9000:20d7:fa00:2:cb38:840:93a1
2606:4700:3035::681c:b6f
2606:4700::6812:e134
2620:116:800d:21:f916:5049:f87f:108e
2a00:1450:4001:800::2008
2a00:1450:4001:800::200a
2a00:1450:4001:802::2002
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2008
2a00:1450:4001:80b::200e
2a00:1450:4001:814::2001
2a00:1450:4001:815::2003
2a00:1450:4001:816::2001
2a00:1450:4001:817::2004
2a00:1450:4001:81c::200e
2a00:1450:4001:81d::2003
2a00:1450:4001:824::200e
2a00:1450:400c:c07::9a
2a02:2638:1::13
2a02:2638::3
2a03:2880:f01c:800e:face:b00c:0:2
3.126.196.163
34.120.207.148
51.89.9.253
52.50.254.113
63.33.218.134
0001e893552b1e9805eaf2cfe9b6867ddb916e2213083d8d1513aa3e2ee2dd78
021cf9ce6e33bcbad948036d79073eeda3b73c1c351cc908c061e6ffb53b5606
029c9f5d57faf21ad0092fc5d57ce838e42865ae2275af9d0282ca8873cedeff
03ac41f81ed8d2d48d7b4d3db01d85c6cb5e970e6981bcfafac3e1e0629d0e8f
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
049ce15ea761b0fd846e10932a280a805d8c867c200855860cb5e03b7c1424c2
04a5f1aba9458cbfd6c81716b6569cdd0add71a1d7d39d08a53c61628279c40d
069be607ca61a739a53bef54c646f6ca7b152df543057525a7d90e66d7c00a1d
06a652f90530a0fae775c287d9aecc3f283289cc408e35aa5d9c5ebc32ffe261
089630244600f33230010f5e04c67419ec642c5228540adb42e3fe92c631e6bf
093f782260d70f914e7e591eba1502d3e992e9f7a69a17d1df6c32bcddd6f06a
095596fb59298a4757db731aac7afa42c6efe73d1af3ce3d33f69ecc2ac0348f
0b95a3a8861b0ca2198fb54800d3c398d52817f49ca4672fb8ebbb2138edbe48
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
102c350599ef4cb1b0f1ad5ab2be359a65641660f461236456e35840c9abef87
105a40a35acb64fc974bb29e519ac4a7caccafc8ded193209f1373e800d4f76a
10d4b728888654e0b85c706a9310b551087d3321fb8ebfff147d07b13fa73bf0
1139bcdca1e6d3bd83127c2cc7c6fd02f0111d54bfe4ce7a73e3225945c78bef
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
12ceaaa105abb177182163d2b3c95418076c4cd7881b107e39e1ae77dde7f7c1
12deb5082d9a265422916da8c3f6b1db8636ff8a5a72e0cad6cdf62f1ef5fc93
12ec2f4bf962063ad97332d5254251712469fca071e85107588ff4554e3b5380
1409304a99328d823b4ab900506aad46e320b2be1e28c83d92b6454b940fd707
14315cc9803bdb867538306c3d327bc365b327197fc29004e95001d636af302b
15f0626dd31e3e991a1c21d6304f2e370b92b3c91650de3d7ed8a38f1159a457
18a024d642675602faba539ed51653dce9f5e6f260da5131182b60d32faf5b5d
2249272049d3442b6bf5eb32958a4730e26ed5ccf42985804552efc173c9ae0c
23ecdca12ff616e53b616c63613ed3fa96bdbd9b81509073ef145a8f030471f4
251e8e864140d9a7ceacce3371ff692595dd0a455ad000de4041d8a313618bd7
25384bd5a9a54280df7ac740f87266a288913b6cd6201d020418083c1c0b635e
2588986096b4c911239001e4a084763524dd7bc327d9833616b030d9ca286834
263774d449799fd63ab83f6ce80322210769a8b204972befbb0e9894b62079da
29bf97a9a41b45645bc0656755c56a99b75422b06915db40782a397e78eff445
2a240cc86c9f7193d71b2c680ce9400ea48ea0fd0d3cddc972ccbea93b08efe7
2aca79bc7c205125f87721609bc8bc561c2fb4b57e13dd670c087335de0dabab
2c3097237d60f42e800ebe4009c9af144bb19e5581e1c0501c7b259eee7e210c
2d7d77f54dcfac81411871bf636df7e5b948e7044ea1cd2f71f9be5d90ae14b5
2fd6091a94cdd85e91099c85b9effa2dc564e238610f8cad118d12ee9716c80c
311f2c72fedf5fdc7ea954c0f3463b9aa4877c96804e367771d823dd6f4e8030
3280d840db75382b0a366d79bcd0dbe276a33e62b7be641e27b8b4bf68f66156
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16
34261c9962064fc4843531aaf4ef7c09fccb088ff3627ee67b033c84fc355b80
34d9891a81b9b276febf3b6f763ededd97fc364bd399e9446f71159be6cb1d0c
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
366978094a465cd6caa417f46c259cb3f3413f69fd0c699511f0ebbbffc1f477
372babe9a423bc48c73277d43a1ce39e02ec0a9daa2c9ffa8a1603215d00b187
379bf9de3c8c291c08a96b1489d7eaad78c77e5bf0a322a7b6a0736f123589be
397cd6fd028ed769f312267d5de9c3ec6b26ed7a80306eafd5f72c1d3e6e0e3f
41eb9054d5d5527274926b32631be8eb22dd6254f15a4d9d14cfe2688ea4f538
4240923f75e95ad96aba7222c51ffd31b8adec46d0d2c016f38ddde77a2939ec
436d1c7cde9d97909adad17f1f2b6555ec17bd117da141a0c83efd4e35f71d3a
4482526df917b74b50a7a3daf3d801d2e7232c64fcae8efeee2ff06c142b35fd
4653687f2f0571ecaf6723d7743f92edf52159c03a8181763cb73031ad8a64bf
4772f4500e9ad88ca1bc64ad747b57d02e63c1d901e0af5be662dabfbc41c7c4
4a3fe3759adfc6ff1b0ab9c7c6c965eb6dc2dcd53e45d6d9760cd0b3400587d5
4bee892d451bec22710e7342576780de52825fd4a6d256b0e1f0c7ec1e26c3fc
4d7dbbe4fbeb51701a9ff7dc04bb0ef354419f4ada3aac91fee163d3fd8116c2
4e4fb61a8681d8a65da7f97300fa84e75d65c4d19962aa24c3b0c0b8eb28d584
515c432f9e7988b29b54800ebe60b464b206e5f90c89135a65ab307bd36b87c4
52df8a245d91ed0c010c160750e959934e80caf88d6f0e96c26f5354c88781e5
545881e36f9fe4d4d387c90f876f32df9c0cb800545fe5bb0496a58f6dc53b86
54cdedb13b502d912c5e62ddff42501ac92c60fbfcdea672abdcfb55a154cd5c
54f2df8a7cb2f77c397893be60cc17ca7f7acee8d73157040c4709730775dd78
5568b2c3508044cf8a70a68c79be692942608486296b2dd43c58b86a8a5fac8a
56dfe6376f14d728ef1a7aa14099f52305767ebff8963759be76d7828e15962d
5904da028a22641fdfb6ccec6d93705b2bc6e5bfd96107d2665cbf8e0894b320
5b2b8d431ffc12e91090b624fc573a8ef4d18a8c68abc862fe1b1f40b17be72a
5b368adc6ad153e147cd4a141f72676559e04bd34572650afa2e8f21558004ff
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5e374b643979416f3e31a28d02af093718cdfd2d85f40a1dab8a040110b0bc76
5fa7ac102024f8a4a87b3c59f7053ede0dac550dc50388ff0a7be07c46f4cce0
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
61a943a8c41eed9afc4a314af225ef8d76f25fecf0bd42b78f48c69cffa1508e
62bbd1c6850bbe1337f79310b88d01846c9f85c17a1e2aac88fdceb8c596eac5
63812d2342fa516954e2143a727857e9ac411e0fd21a3417fc4ee4dc05b80700
64e536ecaa5c3db77026b6e40a6d326aadcaea78dc11f338311c68d55bcf7e37
65da5ce5db5c7f1790c602238b5b9eb93dcb3d2d2f587eb7ad169b1951fa2a47
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
67d096296b53e2a0180360a9301d36ad6abbc718d98d7a0204719169d63274bd
68a3d4ad1477f2740dbdbdcb64a37d8a75e1bea6c84ba41c0652ba6a1d3f0bc9
68a56f46db46a81e28e3ff0a2ce7ff747b2f6272d4c9748cd3c3bd5dcc9782cd
68fd7158e21d9af1c3351376054939421ded0636cfbedff658974049e69f6ad8
699d4828c42481ca941e4faf8ffa28d0e08f30044d54b41af5a8d9bde16dcddd
6a9624a8cbc97a006cefd84531522a7fc114ce35a59fef3101b3071ccca54b0b
6d35de3a532f5f67bc024d91743ca3841e9aa4bb341e5ae96d3bffd541b04f2d
6da75237c506bb339edf0c4bf4ad835eeb89188c465040563a4a9f89ca649824
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
71a745576fd16bfdec7edb8f87f5f1d403e5f05072947ae5fa0064eaa265e665
74087b46ddac1aabb4f571ca42ff5227782e743bdf93b067fba4e183e697b61b
766f8a1be5d8df87ccdbc9ef94f2978bac2ab819dfad6363b16ce63faec568ed
7766c313a88d86df2ef238701f8f3c807d6f0d5246f282a04c2f588e04f62448
777cc56d4fcbc36f7a94abab1b63d6c20cf73def1bc63f02aa2313b0aa609ada
77a59cb277854c7e55d027b3cc11095a241d8107ff7be5b345403453a3d16be1
7a146a76b6725e208df9d634104dc257c956f405e0b50800f9aa369afbea3113
7ac259ad51354b3bdfa6f51e643abcd8567651940967283e1b07b1877f8caae6
7ad4b0bb66709e2d8b9a3ff6be958167d4d03dfd13f8fbc4be21c4042dc93b3f
7b5fc275c98a58b1073a713920cefa54fab60ad9d85a67cf6907aaf8fbb3c474
7b6bd3ddbed8ef319daa9e69cce780979063218c3dd7e959fb2a324faa806177
7c8d04ddc0bfed5dcf176d9bd9f1e308e2ee7a45c05fabc2e72f27dc78a8879d
7cfa02ebdb54b9a6b545ab4a4b671041749c34435a7666528216ce80dadd1be8
7d1574315d35ea396b52383c5d5c2e94bafe1e22c5af2711a54a067f42a0c7f9
7d8865bb32d3ba618981090df05f9de09607c1f65764a7434016926de0a8fbcd
7f13e98fe054b3e5b8f13c1a9383dfd74ce426daf28d5f6110072a9498deb82b
7f1650b4c9b0faf47c6277bfa8ca644a76a4324698552124b26f42fa45bd415c
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
7ff52847d45a94479a8a3bbf9cbe222178caaa2b0f5b1a4d1359aba2cadc33e7
81f72da72458d32cda79044f0b08d2de931b968006df153604e683306e424578
82dfedba5e121b4d7f40ea92b661cbfaea815e3b9d4b269a87a95ed047d31555
82e768572a1b1cf224db10cc21e6960171010984d927f40d11999d30af6185eb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83375107cf245dcc8332f041650ad50f4d8ca75afb1c19fbc7358f58fcd55165
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8636d45eec799083aa05b9baa2adff31bcc9c2676fa5c92746935991af9cc480
87d73170be9a2e277c57d324c4e05ec0ac60ed3c0191fa29e7a31133b4c4c119
8938ef87d3b395c000d1facf39fdb9a8b14160614682964fce8506130773828c
89e29e767edac3d1081c783ad04d99d011496b03a96cc57b6adc89f30bbaea8f
8b08a0e99aa538247c0289c9213b4c441651a8bb86a8a51cf7e701d47abb8a9c
8b2484fa9a9b136b9eb56c1d2b3bfdacd1c8970acf325585235aa35b16fc010a
8c10cff694c4205e62d2fbefcba45426e5876dddebc00d92bf465b3dc793f5e7
8c192c9a6a469f08ad42b2a1f944d6eb733d4f47414a210b7ca5abc9b318cc36
8df3d372fe01d7c0ebfe066d7f444ab4cfd41e3af111096b15320db3e18c2d09
8f5102fffc97f20212ac285df3292a8b9c3e486e4620e289c6a59c2db288c8a5
921cb61c895e6dafdb1ecedc2ab4cb8c731fc7ed226b21dfbcfe6f8862aab270
9242e26592a6086d03a8dbec9cffe881c478d57f860d5595f0d55c31d04c8d48
943a150e9577247cc5e8e493065795ca77a35485b4169f33a4d6f570c209b010
94edf973e9deb80b5eccf17f8f3108eafe15209fe25fe417e8f8962a4d8f48b3
96a5285b1d69be210b33fae59356dc6b3d6231e9305ca63ee707731f12e6aff5
96a59efaf3b5b47d6ab1eb975b429b47a1774e47256da3117d2fd384e19a3f37
973d1e928e33a73f67e471f8cbeb606326fb3f87f7d080aac278de4c8837984a
985be8b81fd6871df2ff08ee26ffd1fe9b3483903fdcd2576babdb075a0135b8
986839aa49d1e09aa75cc5aef8e5d9d449c08ca70ea32293a26e592a68937c84
9887622292b5ba80917215d814d80663347b9554de9f1fa71f3e512a5ac72a16
997e1fbf8331c9f3af1ff0ace8c73754cbfce4c143c785b7bc44dbcead23576e
9a2768ff3d410424a31df51b3f1fd088c572a3461ee9d5f3f52465f70a38109c
9a9ab53e2e488974a1d56116ced8a220550a779a08241afeb94c4cd25b2d0876
9c6fb3a96b5d636cb3fc7244d1ca4f9007cd423caa8556c20bb593fae1b81efe
9cc19c02d87c3360d404c6dcf6e7982304f5e54abda4209de7a3bc44d3c54883
9d31b403d50de1e8963d1cec655091f98986a25cfb62f2a2dee9e884b216cf2e
9dc55f663f6facc09a8e48b440d941a87d29c6041237e8be845ee66893fbba3e
a04041cf77ed8b4f77c1aeabf67bb4199bf563dd6089005816aa26826c882054
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2bd6d03b5ca4077052ad35975e64c93f8d790133a8ba0eea95d20fb5beb0b09
a2f94138367e00a2ea6d37a684720ac748c73c66d063acc666f2a02eeed5895a
a32b89473df6ced5953684278e431ae4a01141364fab23812960a0d69c5ab3ee
a50eba129ef1d314b78354f45df3e1216549a35fcd795e0ad17ddd9e0a65c9e7
a61307b63d4884dbc257c672318c63eba9c3ff9d5d1f7e52978c878c6739d7e9
a751ce29cf3d4ce79f15220baa80bbdc8bbb97668ad75b8efff7b1be8c329491
a844cafca53cab73e5f3cc9e111b3f84a8c5c0b055e6f9ff9cda6ec7686d70dd
aa00013447c8b5f21afc917c72450c52142547c9fef5cf1b5278efdcdaa67fda
aa475af0fb05e1b76590fbc8eb5b49d3c1e772a8efbde59c9991e07972f1223e
aa849eb31f39336c65b0f44b0ef34f7f624c0dbee255297e5198a20219251027
ac248ab7da608a3a61f44032c9fcf1e3d0f2d74ffd6ca2e12031666038f10685
af2112ef087a89cd5e848dd2edc606f591ed2cdb9501bf1525502eeaa56a9846
b1703ea12b46b8ccc79e8a09265e536c5eabbf3fc0c808a2fecd7005911bf254
b7bd6ba996aaa9583f93316051574f62058bf393715778a58dc3c86079f3a321
b999a53a07f85fc0aba18c0e28c154b0655793ee284f7dcdbc2d8a243abf2695
b9f48e9e7bfb5e4f0bc3ba7eb14f80b6a57f6f23afeabb4636a654778cc2ac12
ba4fbec215618682f10efb0721a942b7c599f98807718cab35de9d507f4a2ea0
babd6c5725b7b3f050f769101c40918bdfdbb92911e0b7d0f5e34c2e00237e28
be5cbeb8862a915ad88bd2dc542129f3b375953b5dc58ceca3aba55bf7568430
c090c938bbe4c0ed91065ff339cc4799f3758b9c1df20af104ac749ec285f97e
c2206501c5a898123871431da1a1ff12bcaf46194db997e6c9237296d9859daa
c23077a2766961aa754391d20fbcb5b23ca129071ff0e02a8f83f9ab00c5e8fb
c4a7b4babd8d76af2ddc0840bda733cd5a0b409895bb74d5302ff1155c9b32bc
c799c0a055898234d3692565188b828d2d41b3056cf5bbd2584e729968829b72
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc42363fe016bff33e0e64f2033662678385b3a05267fde637d30a2b837c6b97
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
cf8050d77cabaaa8a72fdb2357cc14768190e0085297fdfff386f4af7b06ed04
d06df4184ba84e09a4be6a6ed101d1c3adefea0eaa833ddecf2f2251f6af33a3
d0d7f5312214ef5f94de9dd313fea4752ef986ee4d67dec2dac0d1e09f8b56c3
d1e7607d8960897d45f87fe4a1e58626e1b992262557abb2327f493fe46a4442
d21bb6d62f3cc7e71d1d911aa39bd0a957e5b9b9376f3b2d519db4e4b58add58
d3838febe02ee1538a1336ac01f452a6fe7682106cd21b46cda9c40092c8e3aa
d40095f232395afb1c827c9c159059266440f144e6d8c5ec830d7f1c6e4a04f2
d5143237b35b5b374b003e21229125bb82f540d1a0fb754ad579fb047d4bc094
d69a25e21a7f5a43376d8f91b3e2f5aed453da3b2a5bb45b80b13bce87361d79
d701b349124e46f0f6738b2712c1daf8d1499b2940f7a8abbfc720448f5945e9
d98f76f0461187c365efd671a87749384de00b589e87fb30c0486a892769c412
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df76de8068a20c35c1b7382f6adc68efb040bb293aaffca0740f8cec4d27ef7f
e0078d6108a89e84811e7ca0b69127db01e921dab7d47e054d5ddc5e825ab439
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5c41077aafced98067ed5bad36d0518235b45963f432237d11d8b89c8d00873
e68bf8096733d0ede531d9e1f912826a2457e68317aa6a00305d8b96ab90dc07
e9bd18d7e7d5810e8a3a01da00e966fc5fa5fb025c9ae2d196f4d00ccda19c5e
e9e41bb4e2bab35c20e353a1311f0458c67f0ad8023bb236d409ff015b15e55f
eefe130ac232ee9286a726d440f8b89278f4242e90a394a01db2ec4652a29de1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f00c4df38225f64d14a94c837260645f8252f602f4ccca09e072618120ae3675
f02ed14daa76f239d491ef8554144ec5f4a47a8e42d7062d6a52eec3c3372b3e
f1388ea845abf2b85d8e652d4c58fd65736e898a3472bf3c4345150246f7631d
f53d639016d2079baa0a1e7e99d5733a0bf7c3a01ae7d099316428b2e6419bb3
f91ad1de97fe0c8d2227c18ad004dc381e755ebe321ec2da6517095d85ad5fda
f9d90b7f23b57603f9dce4fbc26ba61ee18685d89fbff1280411b4d5e8edfdfe
fed8cd9057a795295001577ae9849f21049c79cfc6801afbca0156338d22ae31
ffb110318b55e8d7acaeaa7816d495e33a5000643327241099565537973ed051
ffc65e2c520c9ff0325a67d3e3f79ebfe7c83f3e8c2ea254f860b5c73ffcea1c

securityonline.info Open in urlscan Pro 3.126.196.163 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

416 Requests

100 %HTTPS

54 %IPv6

31 Domains

48 Subdomains

42 IPs

8 Countries

3222 kBTransfer

8615 kBSize

32 Cookies

16 Outgoing links

Page URL History

Redirected requests

416 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 13 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

securityonline.info Open in urlscan Pro
3.126.196.163 Public Scan

Screenshot
Live screenshot

Full Image

416
Requests

100 %
HTTPS

54 %
IPv6

31
Domains

48
Subdomains

42
IPs

8
Countries

3222 kB
Transfer

8615 kB
Size

32
Cookies

416 HTTP transactions
13 data transactions