threatpost.com Open in urlscan Pro
35.173.160.135 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://threatpost.com/category/videos///
Effective URL:
https://threatpost.com/category/videos/
Submission: On December 16 via api (December 16th 2021, 6:26:51 pm UTC) from US — Scanned from DE

Summary HTTP 635 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 123 IPs in 12 countries across 99 domains to perform 635 HTTP transactions. The main IP is 35.173.160.135, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is threatpost.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on June 2nd 2021. Valid for: a year.

This is the only time threatpost.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 18	35.173.160.135 35.173.160.135	14618 (AMAZON-AES) (AMAZON-AES)
11	143.204.98.122 143.204.98.122	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
7	2606:4700:303... 2606:4700:3030::ac43:cf70	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	2600:9000:215... 2600:9000:2156:3800:2:9275:3d40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 8	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
6	143.204.95.188 143.204.95.188	16509 (AMAZON-02) (AMAZON-02)
1 7	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
15	2600:9000:215... 2600:9000:2156:9400:0:5c46:4f40:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
18	18.224.222.89 18.224.222.89	16509 (AMAZON-02) (AMAZON-02)
12	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
4 6	2620:116:800d... 2620:116:800d:21:3175:5196:e3fd:8c1d	16509 (AMAZON-02) (AMAZON-02)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
1	104.111.219.144 104.111.219.144	16625 (AKAMAI-AS) (AKAMAI-AS)
1	46.105.202.126 46.105.202.126	16276 (OVH) (OVH)
10	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:1400:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
2	51.195.5.232 51.195.5.232	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:400c:c07::9c	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:8a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	2a00:1450:400... 2a00:1450:4001:811::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1 3	63.251.14.14 63.251.14.14	14744 (INTERNAP-...) (INTERNAP-BLOCK-4)
1	2606:4700::68... 2606:4700::6812:372	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
9	213.19.147.43 213.19.147.43	26120 (RHYTHMONE) (RHYTHMONE)
2 7	134.209.131.220 134.209.131.220	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	35.157.246.167 35.157.246.167	16509 (AMAZON-02) (AMAZON-02)
3	35.157.146.178 35.157.146.178	16509 (AMAZON-02) (AMAZON-02)
5 21	185.33.220.216 185.33.220.216	29990 (ASN-APPNEX) (ASN-APPNEX)
4	2602:803:c003... 2602:803:c003:200::21	26667 (RUBICONPR...) (RUBICONPROJECT)
1 4	147.75.61.140 147.75.61.140	54825 (PACKET) (PACKET)
1	3.125.147.153 3.125.147.153	16509 (AMAZON-02) (AMAZON-02)
2 23	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
10	52.211.199.54 52.211.199.54	16509 (AMAZON-02) (AMAZON-02)
5	184.31.84.150 184.31.84.150	16625 (AKAMAI-AS) (AKAMAI-AS)
31	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	18.196.20.13 18.196.20.13	16509 (AMAZON-02) (AMAZON-02)
6	37.252.161.190 37.252.161.190	29990 (ASN-APPNEX) (ASN-APPNEX)
14	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	185.33.221.11 185.33.221.11	29990 (ASN-APPNEX) (ASN-APPNEX)
5	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
4 25	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
21	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
3	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
13	172.217.18.102 172.217.18.102	15169 (GOOGLE) (GOOGLE)
4 5	37.157.4.25 37.157.4.25	198622 (ADFORM) (ADFORM)
2 2	213.155.156.183 213.155.156.183	1299 (TWELVE99 ...) (TWELVE99 Twelve99)
11	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
19 29	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
8 8	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
3	198.47.127.20 198.47.127.20	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	169.50.137.184 169.50.137.184	36351 (SOFTLAYER) (SOFTLAYER)
3	34.241.64.210 34.241.64.210	16509 (AMAZON-02) (AMAZON-02)
23	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
5	2.18.232.130 2.18.232.130	16625 (AKAMAI-AS) (AKAMAI-AS)
2	37.252.167.198 37.252.167.198	29990 (ASN-APPNEX) (ASN-APPNEX)
2	142.251.5.156 142.251.5.156	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2	2600:9000:215... 2600:9000:2156:8000:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
15	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4007:815::2003	15169 (GOOGLE) (GOOGLE)
3	54.171.208.149 54.171.208.149	16509 (AMAZON-02) (AMAZON-02)
1	54.218.247.33 54.218.247.33	16509 (AMAZON-02) (AMAZON-02)
4 31	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
7 8	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
6 6	35.157.240.53 35.157.240.53	16509 (AMAZON-02) (AMAZON-02)
6 10	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
9	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
1	37.157.4.39 37.157.4.39	198622 (ADFORM) (ADFORM)
2 2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:12::6	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:18::7	15169 (GOOGLE) (GOOGLE)
2	213.202.235.10 213.202.235.10	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2	44.241.140.107 44.241.140.107	16509 (AMAZON-02) (AMAZON-02)
2 2	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	35.201.96.126 35.201.96.126	15169 (GOOGLE) (GOOGLE)
1	185.64.190.87 185.64.190.87	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
1	2606:4700:10:... 2606:4700:10::6816:1957	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	3.225.222.206 3.225.222.206	14618 (AMAZON-AES) (AMAZON-AES)
4 8	209.54.177.54 209.54.177.54	16509 (AMAZON-02) (AMAZON-02)
3 8	2a05:d018:d29... 2a05:d018:d29:3602:7523:c0c8:9412:6c81	16509 (AMAZON-02) (AMAZON-02)
1 3	37.252.172.37 37.252.172.37	29990 (ASN-APPNEX) (ASN-APPNEX)
9 12	3.126.38.41 3.126.38.41	16509 (AMAZON-02) (AMAZON-02)
2 2	66.155.71.150 66.155.71.150	13768 (COGECO-PEER1) (COGECO-PEER1)
1	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
1	2606:4700:303... 2606:4700:3039::6815:c085	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	54.174.249.39 54.174.249.39	14618 (AMAZON-AES) (AMAZON-AES)
1	159.69.43.71 159.69.43.71	24940 (HETZNER-AS) (HETZNER-AS)
2	35.204.201.221 35.204.201.221	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
12	2a02:26f0:6c0... 2a02:26f0:6c00:2af::2854	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 7	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:bdf::45 2620:1ec:bdf::45	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	104.109.78.125 104.109.78.125	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	178.128.135.80 178.128.135.80	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	205.185.216.10 205.185.216.10	20446 (HIGHWINDS3) (HIGHWINDS3)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2 2	3.126.16.11 3.126.16.11	16509 (AMAZON-02) (AMAZON-02)
1 1	143.204.98.47 143.204.98.47	16509 (AMAZON-02) (AMAZON-02)
2 5	52.49.53.128 52.49.53.128	16509 (AMAZON-02) (AMAZON-02)
1 1	34.102.163.6 34.102.163.6	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3 3	64.74.236.223 64.74.236.223	19024 (INTERNAP-...) (INTERNAP-BLK5)
1 17	52.208.210.171 52.208.210.171	16509 (AMAZON-02) (AMAZON-02)
1	67.202.105.21 67.202.105.21	32748 (STEADFAST) (STEADFAST)
1	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
2	185.86.137.121 185.86.137.121	201081 (SMARTADSE...) (SMARTADSERVER)
1 1	63.251.14.3 63.251.14.3	14744 (INTERNAP-...) (INTERNAP-BLOCK-4)
6 6	213.19.147.45 213.19.147.45	26120 (RHYTHMONE) (RHYTHMONE)
1	54.219.155.58 54.219.155.58	16509 (AMAZON-02) (AMAZON-02)
1 1	199.38.167.129 199.38.167.129	54312 (ROCKETFUEL) (ROCKETFUEL)
3	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	35.153.248.18 35.153.248.18	14618 (AMAZON-AES) (AMAZON-AES)
2 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 2	2a02:fa8:8806... 2a02:fa8:8806:13::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
3	185.86.138.142 185.86.138.142	201081 (SMARTADSE...) (SMARTADSERVER)
1	2600:9000:215... 2600:9000:2156:c600:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	51.75.146.162 51.75.146.162	16276 (OVH) (OVH)
2 2	18.192.77.44 18.192.77.44	16509 (AMAZON-02) (AMAZON-02)
3 4	70.42.32.95 70.42.32.95	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1 1	34.205.3.24 34.205.3.24	14618 (AMAZON-AES) (AMAZON-AES)
1 1	52.203.60.58 52.203.60.58	14618 (AMAZON-AES) (AMAZON-AES)
1	193.122.130.38 193.122.130.38	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1	169.197.150.8 169.197.150.8	398989 (DEEPINTENT) (DEEPINTENT)
1 1	104.90.192.27 104.90.192.27	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	54.217.249.13 54.217.249.13	16509 (AMAZON-02) (AMAZON-02)
1 1	198.148.27.140 198.148.27.140	19189 (PULSEPOINT) (PULSEPOINT)
1	67.202.105.23 67.202.105.23	32748 (STEADFAST) (STEADFAST)
2 2	104.92.74.8 104.92.74.8	16625 (AKAMAI-AS) (AKAMAI-AS)
2	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
1 1	124.146.215.42 124.146.215.42	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
2 2	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	178.162.133.148 178.162.133.148	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 2	52.71.162.243 52.71.162.243	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:444... 2600:1f18:444a:4680:b988:ecc0:9832:67ce	14618 (AMAZON-AES) (AMAZON-AES)
4 4	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
5	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	8.43.72.97 8.43.72.97	26667 (RUBICONPR...) (RUBICONPROJECT)
635	123

18 35.173.160.135 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-160-135.compute-1.amazonaws.com

threatpost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kasperskycontenthub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 143.204.98.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-122.fra50.r.cloudfront.net

tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:3030::ac43:cf70 (United States)

ASN13335 (CLOUDFLARENET, US)

qd.admetricspro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2600:9000:2156:3800:2:9275:3d40:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.threatpost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 143.204.95.188 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-95-188.fra50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.2.137 (United States) 1 redirects

ASN54113 (FASTLY, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2600:9000:2156:9400:0:5c46:4f40:93a1 (United States)

ASN16509 (AMAZON-02, US)

media.threatpost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 18.224.222.89 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-224-222-89.us-east-2.compute.amazonaws.com

capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:116:800d:21:3175:5196:e3fd:8c1d (United States) 4 redirects

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.219.144 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-219-144.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.202.126 (France)

ASN16276 (OVH, FR)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.66.137 (United States)

ASN54113 (FASTLY, US)

lit.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vid.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:1400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.195.5.232 (France)

ASN16276 (OVH, FR)
PTR: p15.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 63.251.14.14 (United States) 1 redirects

ASN14744 (INTERNAP-BLOCK-4, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 213.19.147.43 (United Kingdom)

ASN26120 (RHYTHMONE, US)

tag.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 134.209.131.220 (North Bergen, United States) 2 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

e.serverbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.157.146.178 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-146-178.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 185.33.220.216 (Amsterdam, Netherlands) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 872.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 147.75.61.140 (Ashburn, United States) 1 redirects

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.125.147.153 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-147-153.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 34.98.64.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

teachingaids-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gift-connect-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.211.199.54 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-199-54.eu-west-1.compute.amazonaws.com

ads.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 184.31.84.150 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.196.20.13 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-20-13.eu-central-1.compute.amazonaws.com

ads.adaptv.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.252.161.190 (Southall, United Kingdom)

ASN29990 (ASN-APPNEX, US)
PTR: prebid.ams1.adnexus.net

prebid.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

vpaid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
aktrack.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.11 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ams1-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 15.197.193.217 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 172.217.18.102 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f102.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.4.25 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.183 (Uppsala, Sweden) 2 redirects

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-183.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.163 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 142.250.185.162 (United States) 19 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.29.132.245 (United Kingdom) 8 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.184 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b8.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.241.64.210 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-64-210.eu-west-1.compute.amazonaws.com

unified.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com

acdn.adnxs-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.167.198 (Southall, United Kingdom)

ASN29990 (ASN-APPNEX, US)
PTR: 53.ratbait.prod.ams1.adnexus.net

rb.adnxs-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.5.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wg-in-f156.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:8000:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4007:815::2003 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.171.208.149 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-208-149.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.218.247.33 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-218-247-33.us-west-2.compute.amazonaws.com

id.sharedid.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2.18.234.21 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.66.49 (United States) 7 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.157.240.53 (Frankfurt am Main, Germany) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-240-53.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 3.126.56.137 (Frankfurt am Main, Germany) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

s.d3sv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.4.39 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:12::6 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r1---sn-4g5lzne6.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:18::7 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r2---sn-4g5edndl.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.202.235.10 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.241.140.107 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-241-140-107.us-west-2.compute.amazonaws.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.93 (Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.96.126 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com

visitor.fiftyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.87 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

aud.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.60.138 (Aalborg, Denmark) 1 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)

mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.225.222.206 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-222-206.compute-1.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 209.54.177.54 (Ashburn, United States) 4 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a05:d018:d29:3602:7523:c0c8:9412:6c81 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.37 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 3.126.38.41 (Frankfurt am Main, Germany) 9 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-38-41.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.155.71.150 (Portsmouth, United Kingdom) 2 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3039::6815:c085 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.174.249.39 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-249-39.compute-1.amazonaws.com

um2.eqads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.69.43.71 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.71.43.69.159.clients.your-server.de

p.d3sv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.204.201.221 (Groningen, Netherlands)

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: 221.201.204.35.bc.googleusercontent.com

cia.dqnacloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:26f0:6c00:2af::2854 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

media.douglas.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.248.245.213 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:bdf::45 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

public.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.128.135.80 (North Bergen, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

sync.serverbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

serverbid-sync.nyc3.cdn.digitaloceanspaces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.16.11 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-16-11.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.47 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-47.fra50.r.cloudfront.net

cm.smadex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.49.53.128 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-53-128.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.163.6 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 6.163.102.34.bc.googleusercontent.com

ad.mrtnsvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 64.74.236.223 (United States) 3 redirects

ASN19024 (INTERNAP-BLK5, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 52.208.210.171 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.21 (United States)

ASN32748 (STEADFAST, US)
PTR: ip21.67-202-105.static.steadfastdns.net

pixel.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.137.121 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.251.14.3 (United States) 1 redirects

ASN14744 (INTERNAP-BLOCK-4, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 213.19.147.45 (United Kingdom) 6 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.219.155.58 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-219-155-58.us-west-1.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.38.167.129 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.162.133.149 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.153.248.18 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-153-248-18.compute-1.amazonaws.com

nep.advangelists.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:13::1400 (Singapore) 1 redirects

ASN41041 (VCLK-EU-SE, US)

casale-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.86.138.142 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:c600:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.75.146.162 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: de02.roqad.pl

ws.rqtrk.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.192.77.44 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-77-44.eu-central-1.compute.amazonaws.com

a.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 70.42.32.95 (United States) 3 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.205.3.24 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-3-24.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.203.60.58 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-60-58.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.122.130.38 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.90.192.27 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-192-27.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.217.249.13 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-249-13.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.140 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.23 (United States)

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.92.74.8 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-74-8.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com

cs.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.146.215.42 (Shibuya, Japan) 1 redirects

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.65 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.148 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1.go.sonobi.com

go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.71.162.243 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-162-243.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:444a:4680:b988:ecc0:9832:67ce (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.165 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
78	doubleclick.net 19 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net pubads.g.doubleclick.net ad.doubleclick.net cm.g.doubleclick.net bid.g.doubleclick.net googleads.g.doubleclick.net googleads4.g.doubleclick.net	348 KB
74	googlesyndication.com pagead2.googlesyndication.com ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com tpc.googlesyndication.com ade.googlesyndication.com	332 KB
48	threatpost.com 1 redirects threatpost.com assets.threatpost.com media.threatpost.com	813 KB
37	pubmatic.com hbopenbid.pubmatic.com vpaid.pubmatic.com ads.pubmatic.com image6.pubmatic.com image2.pubmatic.com image4.pubmatic.com simage2.pubmatic.com aktrack.pubmatic.com aud.pubmatic.com simage4.pubmatic.com	179 KB
36	adnxs.com 7 redirects ib.adnxs.com prebid.adnxs.com ams1-ib.adnxs.com acdn.adnxs.com secure.adnxs.com	111 KB
35	connatix.com 1 redirects cd.connatix.com cds.connatix.com capi.connatix.com lit.connatix.com vid.connatix.com img.connatix.com	2 MB
30	casalemedia.com 4 redirects htlb.casalemedia.com dsum-sec.casalemedia.com ssum-sec.casalemedia.com dsum.casalemedia.com	33 KB
25	adsrvr.org 4 redirects insight.adsrvr.org match.adsrvr.org	65 KB
25	2mdn.net 2 redirects s0.2mdn.net gcdn.2mdn.net r1---sn-4g5lzne6.c.2mdn.net r2---sn-4g5edndl.c.2mdn.net	3 MB
24	openx.net 2 redirects teachingaids-d.openx.net u.openx.net us-u.openx.net eu-u.openx.net rtb.openx.net gift-connect-d.openx.net	4 KB
22	rubiconproject.com 6 redirects fastlane.rubiconproject.com eus.rubiconproject.com secure-assets.rubiconproject.com token.rubiconproject.com pixel.rubiconproject.com pixel-us-east.rubiconproject.com	41 KB
22	yahoo.com 9 redirects c2shb.ssp.yahoo.com ups.analytics.yahoo.com pr-bh.ybp.yahoo.com ads.yahoo.com	11 KB
17	gumgum.com 1 redirects g2.gumgum.com rtb.gumgum.com	5 KB
15	google.com 1 redirects www.google.com adservice.google.com	3 KB
14	amazon-adsystem.com 4 redirects c.amazon-adsystem.com s.amazon-adsystem.com	46 KB
13	1rx.io 4 redirects tag.1rx.io sync.1rx.io	4 KB
12	douglas.de media.douglas.de	41 KB
12	bidswitch.net 9 redirects x.bidswitch.net	5 KB
11	servenobid.com ads.servenobid.com public.servenobid.com	8 KB
11	adlightning.com tagan.adlightning.com	262 KB
10	d3sv.net s.d3sv.net p.d3sv.net	154 KB
10	adsafeprotected.com unified.adsafeprotected.com static.adsafeprotected.com pixel.adsafeprotected.com dt.adsafeprotected.com	153 KB
8	everesttech.net 7 redirects sync-tm.everesttech.net	2 KB
8	mathtag.com 8 redirects sync.mathtag.com	5 KB
8	advertising.com 6 redirects ads.adaptv.advertising.com pixel.advertising.com	3 KB
8	3lift.com 2 redirects tlx.3lift.com eb2.3lift.com	3 KB
8	serverbid.com 3 redirects e.serverbid.com sync.serverbid.com	1 KB
7	gstatic.com www.gstatic.com csi.gstatic.com	149 KB
7	admetricspro.com qd.admetricspro.com	325 KB
6	indexww.com js-sec.indexww.com	6 KB
6	adform.net 4 redirects c1.adform.net track.adform.net	3 KB
6	criteo.com 2 redirects gum.criteo.com mug.criteo.com dis.criteo.com	2 KB
6	googleapis.com imasdk.googleapis.com fonts.googleapis.com	709 KB
6	quantserve.com 4 redirects secure.quantserve.com pixel.quantserve.com	12 KB
5	smartadserver.com ssbsync.smartadserver.com rtb-csync.smartadserver.com	2 KB
5	bidr.io 2 redirects match.prod.bidr.io	2 KB
5	googletagservices.com www.googletagservices.com	173 KB
4	outbrain.com 3 redirects sync.outbrain.com	1 KB
4	sonobi.com sync.go.sonobi.com go.sonobi.com	2 KB
4	a-mo.net 1 redirects prebid.a-mo.net	480 B
4	lijit.com 2 redirects ap.lijit.com ce.lijit.com	2 KB
3	liadm.com 2 redirects i.liadm.com i6.liadm.com	2 KB
3	zemanta.com 3 redirects b1sync.zemanta.com	2 KB
3	adnxs-simple.com acdn.adnxs-simple.com rb.adnxs-simple.com	44 KB
3	sharethrough.com btlr.sharethrough.com	337 B
3	4dex.io script.4dex.io mp.4dex.io	24 KB
3	id5-sync.com cdn.id5-sync.com id5-sync.com	11 KB
3	google-analytics.com www.google-analytics.com	20 KB
2	creativecdn.com 2 redirects creativecdn.com	695 B
2	emxdgt.com cs.emxdgt.com
2	360yield.com 2 redirects ad.360yield.com	617 B
2	sportradarserving.com 2 redirects a.sportradarserving.com	1 KB
2	dotomi.com 1 redirects casale-match.dotomi.com pubmatic-match.dotomi.com	290 B
2	turn.com 2 redirects ad.turn.com	943 B
2	unrulymedia.com 2 redirects sync.targeting.unrulymedia.com	942 B
2	33across.com pixel.33across.com ssc-cms.33across.com
2	w55c.net 2 redirects pm.w55c.net	1 KB
2	dqnacloud.com cia.dqnacloud.com	15 KB
2	eqads.com 1 redirects um2.eqads.com	563 B
2	sitescout.com 2 redirects pixel-sync.sitescout.com	598 B
2	audrte.com 1 redirects a.audrte.com	1 KB
2	semasio.net 1 redirects uipglob.semasio.net	1 KB
2	fiftyt.com 2 redirects visitor.fiftyt.com	1 KB
2	adition.com 2 redirects dsp.adfarm1.adition.com	988 B
2	exactag.com m.exactag.com	2 KB
2	de17a.com 2 redirects d5p.de17a.com	637 B
2	google.de www.google.de adservice.google.de	1 KB
2	kasperskycontenthub.com kasperskycontenthub.com	1 KB
1	socdm.com 1 redirects tg.socdm.com	694 B
1	contextweb.com 1 redirects bh.contextweb.com	383 B
1	bluekai.com 1 redirects stags.bluekai.com	1 KB
1	deepintent.com match.deepintent.com	44 B
1	technoratimedia.com sync.technoratimedia.com	292 B
1	ipredictive.com 1 redirects sync.ipredictive.com	428 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com	608 B
1	rqtrk.eu 1 redirects ws.rqtrk.eu	521 B
1	smaato.net s.ad.smaato.net	240 B
1	advangelists.com 1 redirects nep.advangelists.com	232 B
1	rfihub.com 1 redirects p.rfihub.com	744 B
1	postrelease.com jadserve.postrelease.com	427 B
1	onetag-sys.com onetag-sys.com	814 B
1	bing.com c.bing.com	594 B
1	linkedin.com px.ads.linkedin.com	705 B
1	mrtnsvr.com 1 redirects ad.mrtnsvr.com	216 B
1	smadex.com 1 redirects cm.smadex.com	526 B
1	digitaloceanspaces.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com	5 KB
1	ad4m.at ad4m.at
1	bttrack.com bttrack.com	380 B
1	zeotap.com mwzeom.zeotap.com	456 B
1	sharedid.org id.sharedid.org	213 B
1	simpli.fi um.simpli.fi	616 B
1	t.co t.co	471 B
1	twitter.com analytics.twitter.com	674 B
1	quantcount.com rules.quantcount.com	354 B
1	fastclick.net secure.cdn.fastclick.net	17 KB
1	ads-twitter.com static.ads-twitter.com	6 KB
1	googletagmanager.com www.googletagmanager.com	59 KB
0	avct.cloud Failed ads.avct.cloud Failed
0	onaudience.com Failed pixel.onaudience.com Failed
635	99

	Domain	Requested by
31	pagead2.googlesyndication.com	srcdoc securepubads.g.doubleclick.net tpc.googlesyndication.com ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com tagan.adlightning.com s0.2mdn.net www.googletagservices.com
29	cm.g.doubleclick.net	19 redirects googleads.g.doubleclick.net u.openx.net eb2.3lift.com g2.gumgum.com
21	tpc.googlesyndication.com	tagan.adlightning.com ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com s0.2mdn.net imasdk.googleapis.com tpc.googlesyndication.com
21	ib.adnxs.com	5 redirects qd.admetricspro.com cds.connatix.com acdn.adnxs.com googleads.g.doubleclick.net ssum-sec.casalemedia.com
20	s0.2mdn.net	imasdk.googleapis.com tagan.adlightning.com s.d3sv.net s0.2mdn.net
18	capi.connatix.com	cd.connatix.com
17	ade.googlesyndication.com
17	assets.threatpost.com	threatpost.com assets.threatpost.com
16	rtb.gumgum.com	1 redirects g2.gumgum.com
16	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net ssum-sec.casalemedia.com um2.eqads.com
16	threatpost.com	1 redirects threatpost.com
15	googleads.g.doubleclick.net	ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com tagan.adlightning.com
15	insight.adsrvr.org	vpaid.pubmatic.com acdn.adnxs-simple.com
15	media.threatpost.com	threatpost.com
13	ad.doubleclick.net	vpaid.pubmatic.com acdn.adnxs-simple.com cd.connatix.com
12	media.douglas.de
12	x.bidswitch.net	9 redirects ssum-sec.casalemedia.com eb2.3lift.com
11	tagan.adlightning.com	threatpost.com tagan.adlightning.com ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com
10	match.adsrvr.org	4 redirects u.openx.net ssum-sec.casalemedia.com eb2.3lift.com
10	ups.analytics.yahoo.com	6 redirects ssum-sec.casalemedia.com
10	ads.servenobid.com	qd.admetricspro.com public.servenobid.com ssum-sec.casalemedia.com ssbsync.smartadserver.com g2.gumgum.com
9	s.d3sv.net	tagan.adlightning.com s.d3sv.net
9	tag.1rx.io	qd.admetricspro.com cds.connatix.com
9	vid.connatix.com	cd.connatix.com
8	pr-bh.ybp.yahoo.com	3 redirects ssum-sec.casalemedia.com eu-u.openx.net ads.pubmatic.com
8	s.amazon-adsystem.com	4 redirects ssum-sec.casalemedia.com eb2.3lift.com
8	ssum-sec.casalemedia.com	1 redirects js-sec.indexww.com ssum-sec.casalemedia.com public.servenobid.com
8	us-u.openx.net	2 redirects googleads.g.doubleclick.net u.openx.net eu-u.openx.net
8	sync-tm.everesttech.net	7 redirects ssum-sec.casalemedia.com
8	sync.mathtag.com	8 redirects
8	ads.pubmatic.com	vpaid.pubmatic.com ads.pubmatic.com cds.connatix.com qd.admetricspro.com g2.gumgum.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
8	www.google.com	1 redirects threatpost.com tagan.adlightning.com ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com
7	eb2.3lift.com	2 redirects qd.admetricspro.com eb2.3lift.com
7	eu-u.openx.net	u.openx.net qd.admetricspro.com eu-u.openx.net
7	pubads.g.doubleclick.net	imasdk.googleapis.com
7	adservice.google.com	imasdk.googleapis.com tagan.adlightning.com
7	e.serverbid.com	2 redirects qd.admetricspro.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
7	qd.admetricspro.com	threatpost.com qd.admetricspro.com
6	eus.rubiconproject.com	qd.admetricspro.com eus.rubiconproject.com g2.gumgum.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
6	googleads4.g.doubleclick.net	googleads.g.doubleclick.net threatpost.com
6	pixel.advertising.com	6 redirects
6	js-sec.indexww.com	cds.connatix.com ssum-sec.casalemedia.com qd.admetricspro.com
6	simage2.pubmatic.com	ads.pubmatic.com
6	prebid.adnxs.com	cds.connatix.com cd.connatix.com
6	c.amazon-adsystem.com	qd.admetricspro.com c.amazon-adsystem.com
5	pixel.rubiconproject.com	g2.gumgum.com
5	match.prod.bidr.io	2 redirects eu-u.openx.net ssum-sec.casalemedia.com
5	image2.pubmatic.com	ads.pubmatic.com
5	c1.adform.net	4 redirects ads.pubmatic.com
5	ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com	securepubads.g.doubleclick.net tagan.adlightning.com
5	htlb.casalemedia.com	qd.admetricspro.com cds.connatix.com
5	teachingaids-d.openx.net	qd.admetricspro.com cds.connatix.com
5	hbopenbid.pubmatic.com	qd.admetricspro.com cds.connatix.com
5	pixel.quantserve.com	4 redirects threatpost.com
5	securepubads.g.doubleclick.net	www.googletagservices.com tagan.adlightning.com securepubads.g.doubleclick.net
5	www.googletagservices.com	threatpost.com ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com
4	token.rubiconproject.com	4 redirects
4	sync.outbrain.com	3 redirects g2.gumgum.com
4	sync.1rx.io	4 redirects
4	acdn.adnxs.com	acdn.adnxs-simple.com cds.connatix.com qd.admetricspro.com
4	aktrack.pubmatic.com
4	prebid.a-mo.net	1 redirects qd.admetricspro.com cds.connatix.com
4	fastlane.rubiconproject.com	qd.admetricspro.com
4	imasdk.googleapis.com	cd.connatix.com imasdk.googleapis.com
4	www.gstatic.com	www.google.com ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com
3	rtb-csync.smartadserver.com	ssbsync.smartadserver.com
3	sync.go.sonobi.com	public.servenobid.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
3	b1sync.zemanta.com	3 redirects
3	secure.adnxs.com	1 redirects ssum-sec.casalemedia.com
3	pixel.adsafeprotected.com	static.adsafeprotected.com pixel.adsafeprotected.com
3	csi.gstatic.com	imasdk.googleapis.com
3	unified.adsafeprotected.com	vpaid.pubmatic.com acdn.adnxs-simple.com
3	image6.pubmatic.com	ads.pubmatic.com
3	btlr.sharethrough.com	qd.admetricspro.com
3	c2shb.ssp.yahoo.com	qd.admetricspro.com
3	ap.lijit.com	1 redirects qd.admetricspro.com
3	img.connatix.com	threatpost.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com threatpost.com
3	cds.connatix.com	threatpost.com cd.connatix.com
2	i.liadm.com	2 redirects
2	creativecdn.com	2 redirects
2	cs.emxdgt.com	g2.gumgum.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
2	secure-assets.rubiconproject.com	2 redirects
2	ad.360yield.com	2 redirects
2	a.sportradarserving.com	2 redirects
2	ad.turn.com	2 redirects
2	sync.targeting.unrulymedia.com	2 redirects
2	ssbsync.smartadserver.com	public.servenobid.com g2.gumgum.com
2	pm.w55c.net	2 redirects
2	cia.dqnacloud.com	s0.2mdn.net
2	um2.eqads.com	1 redirects ssum-sec.casalemedia.com
2	pixel-sync.sitescout.com	2 redirects
2	a.audrte.com	1 redirects ads.pubmatic.com
2	uipglob.semasio.net	1 redirects ads.pubmatic.com
2	visitor.fiftyt.com	2 redirects
2	dsp.adfarm1.adition.com	2 redirects
2	dt.adsafeprotected.com
2	m.exactag.com	ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com threatpost.com
2	r1---sn-4g5lzne6.c.2mdn.net
2	gcdn.2mdn.net	2 redirects
2	u.openx.net	cds.connatix.com
2	static.adsafeprotected.com	acdn.adnxs-simple.com threatpost.com
2	fonts.googleapis.com	ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com
2	bid.g.doubleclick.net	imasdk.googleapis.com
2	rb.adnxs-simple.com	acdn.adnxs-simple.com
2	image4.pubmatic.com	ads.pubmatic.com
2	dis.criteo.com	1 redirects ads.pubmatic.com
2	d5p.de17a.com	2 redirects
2	ams1-ib.adnxs.com	1 redirects
2	vpaid.pubmatic.com	cd.connatix.com
2	ads.adaptv.advertising.com	cds.connatix.com
2	mug.criteo.com	threatpost.com
2	gum.criteo.com	1 redirects
2	script.4dex.io	qd.admetricspro.com script.4dex.io
2	id5-sync.com	cdn.id5-sync.com qd.admetricspro.com
2	kasperskycontenthub.com	threatpost.com
1	pubmatic-match.dotomi.com	ads.pubmatic.com
1	simage4.pubmatic.com	ads.pubmatic.com
1	pixel-us-east.rubiconproject.com	serverbid-sync.nyc3.cdn.digitaloceanspaces.com
1	ads.yahoo.com
1	i6.liadm.com	serverbid-sync.nyc3.cdn.digitaloceanspaces.com
1	gift-connect-d.openx.net	serverbid-sync.nyc3.cdn.digitaloceanspaces.com
1	go.sonobi.com	serverbid-sync.nyc3.cdn.digitaloceanspaces.com
1	tg.socdm.com	1 redirects
1	ssc-cms.33across.com	g2.gumgum.com
1	bh.contextweb.com	1 redirects
1	stags.bluekai.com	1 redirects
1	match.deepintent.com	g2.gumgum.com
1	sync.technoratimedia.com	g2.gumgum.com
1	sync.ipredictive.com	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	ws.rqtrk.eu	1 redirects
1	s.ad.smaato.net	ssbsync.smartadserver.com
1	dsum.casalemedia.com	ssum-sec.casalemedia.com
1	casale-match.dotomi.com	1 redirects
1	nep.advangelists.com	1 redirects
1	p.rfihub.com	1 redirects
1	jadserve.postrelease.com	public.servenobid.com
1	ce.lijit.com	1 redirects
1	onetag-sys.com	public.servenobid.com
1	pixel.33across.com	public.servenobid.com
1	g2.gumgum.com	public.servenobid.com
1	c.bing.com	eb2.3lift.com
1	px.ads.linkedin.com	eb2.3lift.com
1	ad.mrtnsvr.com	1 redirects
1	cm.smadex.com	1 redirects
1	rtb.openx.net	eu-u.openx.net
1	serverbid-sync.nyc3.cdn.digitaloceanspaces.com	qd.admetricspro.com
1	sync.serverbid.com	1 redirects
1	public.servenobid.com	qd.admetricspro.com
1	p.d3sv.net	s.d3sv.net
1	ad4m.at	ssum-sec.casalemedia.com
1	bttrack.com	ssum-sec.casalemedia.com
1	mwzeom.zeotap.com	ads.pubmatic.com
1	aud.pubmatic.com	ads.pubmatic.com
1	r2---sn-4g5edndl.c.2mdn.net
1	track.adform.net	ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com
1	id.sharedid.org	cds.connatix.com
1	acdn.adnxs-simple.com	cd.connatix.com
1	um.simpli.fi	ads.pubmatic.com
1	adservice.google.de	tagan.adlightning.com
1	tlx.3lift.com	qd.admetricspro.com
1	mp.4dex.io	qd.admetricspro.com
1	www.google.de	threatpost.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	t.co	threatpost.com
1	analytics.twitter.com	tagan.adlightning.com
1	rules.quantcount.com	secure.quantserve.com
1	lit.connatix.com	cd.connatix.com
1	cdn.id5-sync.com	tagan.adlightning.com
1	secure.cdn.fastclick.net	tagan.adlightning.com
1	static.ads-twitter.com	www.googletagmanager.com
1	secure.quantserve.com	www.googletagmanager.com
1	www.googletagmanager.com	threatpost.com
1	cd.connatix.com	1 redirects
0	ads.avct.cloud Failed	ads.pubmatic.com
0	pixel.onaudience.com Failed	ads.pubmatic.com
635	177

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com
www.youtube.com
feedly.com
www.instagram.com
t.co
media.threatpost.com

Subject Issuer	Validity	Valid
threatpost.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-02` - `2022-07-03`	a year	crt.sh
*.adlightning.com Amazon	`2021-06-24` - `2022-07-23`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-08-11` - `2022-08-10`	a year	crt.sh
assets.threatpost.com Amazon	`2021-02-04` - `2022-03-05`	a year	crt.sh
kasperskycontenthub.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-02` - `2022-07-03`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.connatix.com Go Daddy Secure Certificate Authority - G2	`2021-08-20` - `2022-09-21`	a year	crt.sh
media.threatpost.com Amazon	`2021-02-04` - `2022-03-05`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
secure.cdn.fastclick.net DigiCert SHA2 Secure Server CA	`2021-03-11` - `2022-03-15`	a year	crt.sh
cdn.id5-sync.com R3	`2021-11-24` - `2022-02-22`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.id5-sync.com R3	`2021-10-05` - `2022-01-03`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2021-06-01` - `2022-07-02`	a year	crt.sh
e.serverbid.com R3	`2021-10-22` - `2022-01-20`	3 months	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-14` - `2022-04-06`	6 months	crt.sh
*.sharethrough.com Amazon	`2021-08-13` - `2022-09-11`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.a-mo.net R3	`2021-10-21` - `2022-01-19`	3 months	crt.sh
*.3lift.com Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
ads.servenobid.com Amazon	`2021-06-28` - `2022-07-27`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-26`	3 months	crt.sh
*.v.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-19` - `2022-04-13`	6 months	crt.sh
prebid.adnxs.com GeoTrust TLS RSA CA G1	`2020-03-29` - `2022-03-29`	2 years	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh
wrapper-vast.adsafeprotected.com Amazon	`2021-11-18` - `2022-12-16`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-03-11` - `2022-02-07`	a year	crt.sh
*.adnxs-simple.com GeoTrust RSA CA 2018	`2021-03-17` - `2022-03-15`	a year	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
fw.adsafeprotected.com Amazon	`2021-08-11` - `2022-09-09`	a year	crt.sh
id.sharedid.org Amazon	`2021-12-09` - `2023-01-06`	a year	crt.sh
s.d3sv.net R3	`2021-11-03` - `2022-02-01`	3 months	crt.sh
*.exactag.com Sectigo RSA Organization Validation Secure Server CA	`2020-01-22` - `2022-04-21`	2 years	crt.sh
dt.adsafeprotected.com Amazon	`2021-11-19` - `2022-12-18`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-08-24` - `2022-02-16`	6 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-29` - `2022-03-29`	a year	crt.sh
um3.eqads.com Amazon	`2021-06-26` - `2022-07-25`	a year	crt.sh
p.d3sv.net R3	`2021-10-14` - `2022-01-12`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2021-11-09` - `2022-01-18`	2 months	crt.sh
cia.dqnacloud.com R3	`2021-12-09` - `2022-03-09`	3 months	crt.sh
www.douglas.de GeoTrust RSA CA 2018	`2021-09-06` - `2022-09-07`	a year	crt.sh
public.servenobid.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-22` - `2022-05-22`	a year	crt.sh
*.nyc3.cdn.digitaloceanspaces.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-30`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2021-12-06` - `2022-06-06`	6 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-09-30` - `2022-03-30`	6 months	crt.sh
*.gumgum.com Amazon	`2021-06-05` - `2022-07-04`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-09-30`	a year	crt.sh
onetag-sys.com R3	`2021-11-02` - `2022-01-31`	3 months	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
*.postrelease.com Amazon	`2021-01-28` - `2022-02-26`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
*.everesttech.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.match.prod.bidr.io Amazon	`2021-02-26` - `2022-03-27`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-08-17` - `2022-02-09`	6 months	crt.sh
s.ad.smaato.net Amazon	`2021-09-21` - `2022-10-20`	a year	crt.sh
*.technoratimedia.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-17` - `2022-10-05`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2020-04-09` - `2022-06-08`	2 years	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2021-05-18` - `2022-06-19`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh

This page contains 83 frames:

Primary Page: https://threatpost.com/category/videos/
Frame ID: 1963A31F424F1CCDE789405E48CADA49
Requests: 131 HTTP requests in this frame

Frame: https://cds.connatix.com/p/142882/connatix.player.dc.js
Frame ID: 5BA8DB007C1E55A7E79632576C990E18
Requests: 71 HTTP requests in this frame

Frame: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Frame ID: 95BE6E2B9C4295BE447F764DFD7F48A4
Requests: 37 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.493.0_en.html
Frame ID: 0BBBF2A199EB30F42D25557F3C7ED1AF
Requests: 6 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.493.0_en.html
Frame ID: 528B1A919232C80BA2BA542B91122D99
Requests: 22 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.493.0_en.html
Frame ID: 62924A2C1854AFD0DAB70E4F09293740
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 8E9564065CB9F8B2CE75BEFF7C50CAB4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: FD32EE82107554194D578109164B5E40
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 7F697A1A8D716FF96E134F50103D86C3
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?embedded=1&pubId=156858&siteId=630907&adId=2446009&vtype=1&imprId=2F673378-D668-47E6-9104-B7A75578755D&adServerId=243&campaignId=22918&crID=ghq46ojf&ucrid=755815154131570317
Frame ID: A9DCFB618EDD5281436CF2C182B5B4BD
Requests: 7 HTTP requests in this frame

Frame: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 29C5EEF328E5506B5B5D5050357B26EF
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 7F0F4F812867EE8F3FD85C5C05A85ADA
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CB00840628449B97ECD3E2EF3EA759F6
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 546D01D884E270BDF896805600AF5CB6
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=1520C0B0-4915-482E-8EDE-84F1E7A611CA
Frame ID: 57886722140243F25CCDF684D97EB59E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7918867047318286971
Frame ID: F9BCD2D71B9AA7C3D307A775D0F75760
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 526B7BA5AB36990834BE7C147C896B4C
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs-simple.com/vx/static/w/anwrapper-1.999.0.js
Frame ID: 5C70EF4582E4DAFA5F0D2DAEC7EC5D73
Requests: 8 HTTP requests in this frame

Frame: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3807EFB8B5A48E56DF52D637AC3897C9
Requests: 18 HTTP requests in this frame

Frame: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F85EA5083751206D52C41C10C0B1CB96
Requests: 15 HTTP requests in this frame

Frame: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0C4792C96F6B998099705B291F457E29
Requests: 17 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 6C7EA6B18A377EAC5FCE58C513D441B7
Requests: 3 HTTP requests in this frame

Frame: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 31DA8DF467D04829DCE713A922E8DB5D
Requests: 7 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/ias/v1/vpaid.2021.12.06-18.16-53fa379.js
Frame ID: 71D9CF3A61B09C927C4734F10AF69401
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLrx3QIQsPTiAhia_bW3ATAB&v=APEucNU40ZCWMaHdrEg2aZvCo2KhYeCrED47XCtZ6r-jpBfrX7oK2KWdr2B8Js7k3lh16rBzFoJ2lBxpvum1zDe3xnQ0BNf-A_A_H-ICQHZ3mpTU8b03qIQ
Frame ID: 1D3EBF388B004A186DD094CFD9909DAE
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRDDhCYYpPbdswEwAQ&v=APEucNV_dECSCJVwfjEGSGp1gxfOfW8I30l1yPMz5q7jkdC8aXjs1r1-uI9br7wSJHSN9iCypsQQ1MjQn9A5YeEYe4B4SOsWdHb1XILJ6MrURWGE4rBCxao
Frame ID: AEBC416EA2E9103E5E70E9621F9A5143
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLrx3QIQsPTiAhjDnLW3ATAB&v=APEucNW2mxGnIghwXFRxJ7NTCwBKehelQX4aYz9-zjoeHy4N8_K1tVY_5t9bHESlNXqQs6XETeiFa1nNcVDwlmjN1BnGW71SEssx8H09HVyumhayjlZC5vs
Frame ID: C54609774049EC24D90C137EB43D3476
Requests: 5 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 7C4B8C53D9AC75C9A9842210223036E6
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Frame ID: E6A586FD2245EB0EEFF896E02646B42A
Requests: 7 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Frame ID: 44F10E87AF345A8FDB32797344BD0AA2
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 864B98374A31A4713E8136B6A90D221F
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Frame ID: BA1CFDD484BC436DE47746C100BBE32C
Requests: 12 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Frame ID: 9E9D1A630E626E687A4FB21FBC49EB76
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: D9A71FF74FB2752D29783FFF090066EE
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 4F08CB41BF68D82BB45F14AC0D13B092
Requests: 3 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: C8F5E2F43F56FCA7EE7FD3AA644E39C0
Requests: 8 HTTP requests in this frame

Frame: https://s.d3sv.net/ops/consors_bank/dyn_text_flight4/V1/wettbewerber/300x250/index.html?motive=einsteiger10&clickTag=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsvlWDQ74VjJzBY3nPnq1iK-p7KIwMvnhe7bVKy18k5dPeOyQe5e3GNNMWy7V23YmVCg2mWEfYwf6FsBVTPoQFDg8imGGM_saqOONx1ys-kUetVYkuAnfFjcsq_Wtthczp1qvpEoIuZSmlHWKZsK50HlUKO1hRPRSnTF0M3RSvhGBH7RGUskgB_0A6ezdRb6Eli9PUYV6sdQMD3Fxri1kRVjNZrz0Ui-KOHVb18H_oKZ0tFwFY0-jJePSNaRnrAIgN149COIboFhDsfOM9av-C2p-7lgO-qOHFF4rYix-dkwHCyRdUmBjgvqioRK78n4FaOtc1e23_Un756Q147k6N2rUDSGBwEpS4zLAGARMsS_S6lgKzxFmmz_6TSKrA7E4ftEc9mv3AxT02sWiLJbDAz3cFRSP-zCzA6RdV9oJ_xIuIffMe2MU6-ODQp_n11cQQvNZg2ynGyL3bFy0kHunvqmEwcby_Zqic_KWYJ-YPYaNxvQCd4HLAzzHcbFhBXFaYiIIDoWXehl4AjvdngBZivEJEA98fLeHQgIE2o7I847rpuYTC1fK9QiYc5kj-NWRkAp_SR7rzT5LHBuvsH3d2FcZKrSZLUtxdzIKg51jofdlhYxK2RyFuDfLC4KGBEy9-7F3TMljqSTyVlfPeJAsJWIDjF37tGwhpJN5Ysecu7lOCHQwL1i_4wnz8u9x4G-mu8XzseFfNF758xdr_7wd35wjJMPQmMyl7D5Qc3TJgWENrg1dbFe9yTQ6pfQUzgMmOMJSozaLD4M2_XqsiPQACnFEZggcPlu6pEBtCqrECiq-DODvtdJ-TguaDKOYmhgkxoigx_crAA_8Jd4Lw-xdIjFDAdRriP49l4Je92tQhslicIO0PFME36Od73UExT-ezrGwRNnh1vNT-Po4e575pOF8MkS57ddpj1QD5Mq_2bKfpwdg8XHqVQk7u3AXzT_o81rLRIKaGiQG5Zc8g0HhNp7QpekN-Pqwt4lvlEU2-fmwfrVAjaoqX6vBGNH09Z2iUcru2WSY79WpRp2gw6oVwEEaepHILG_1EWhGX6QDTSSq2F4ZovrHnZ7giSzNNgfporq4QyfqfsblAvvtXmtURlk0gacQ2I3t2ihZ3kXluXCVueF%26sai%3DAMfl-YRsNIz00b83sa0p8d7y3J5i43YSTzkwOydbLPxt_jUZDMJUPfMosoTNwNqICVwX9GtlHlcoQAdItSGjfokjOejjogt8C6LVMKtHochag5q_NqTKs_t67irLgegWGcpAQlkw2BIqiuL6iOi7y_uxDhPyfuKbSV_kz3x4ps1jWMLC5P2O_w%26sig%3DCg0ArKJSzAc9oPKMTYSKEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&ct=DE&st=&city=6271&dma=0&zp=21029&bw=1&adId=515023622&advId=4768038&campId=26257572&crId=162885806&cb=1898993650&exitPrefix=exit-&3p=1&width=300&height=250&env=dcm
Frame ID: A162EBF35A013356551C152CE5CB971C
Requests: 12 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: AD0CF69EE1E41BD05561AFCC4DEFC489
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 29B423F1BC0BBD191EBFD9A3D3BF8DFE
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: CF55C8F267D49575157B6C054AC25CCE
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/3797721627517517824/index.html?e=69&leftOffset=0&topOffset=0&c=pFZqVOsueb&t=1&renderingType=2
Frame ID: 4F9FBC2673C14CBD14634F82D4F2D6F4
Requests: 17 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 6CC5381E3D41F6F2D4D1895E7BB20747
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/26872614139985920/index.html?e=69&leftOffset=0&topOffset=0&c=fZGp3Twssz&t=1&renderingType=2
Frame ID: CA29735AB1AC0181E9CB789754EA0BBA
Requests: 17 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7042368557124876440
Frame ID: 090208BB6FD12D14ADEF56646EFB3F81
Requests: 1 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: E93FFDDA5402A134B3612B630D5F5D6E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7306F6152C0C8D415B4CEA434A602B8E
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 81C204E172F2D37CE0D4D3B13461A6F4
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js
Frame ID: C72DEC52B1D34D6566C1F2EAA9A080C2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js
Frame ID: FE0EA9D5734D6F83B877FE13E0BFE191
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 38FBEA039B1B018D39F0FDB764B06D0F
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: D792DA4C7E0836CC3CFBE9B2D1E26256
Requests: 11 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: C10C80E8B108141BB055742F7E2C7E69
Requests: 9 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13394437
Frame ID: 51ECF1CAC4FB9969EB2FF6EFE42CED68
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 57564F266774A140DBD39D80707D4355
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 0425689C59481F52EF2437BAB0033EFC
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Frame ID: 4A635DEC64DC19832BCAC15705ACCF39
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e1b1f5e1-3c2c-4287-9806-317cfbf3bd12&gdpr=0
Frame ID: EF8FC3057C4C94D77E3107FEA26B0E0B
Requests: 7 HTTP requests in this frame

Frame: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
Frame ID: 0624EB9CC3F1308BFA17075AABFF494B
Requests: 8 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 1552C879EE2C679E46CF087F2CF11DC8
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 1AE3CCB99E8B07CA876B90D7095E7739
Requests: 10 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: FD96B3764C36C173106F4D25CC8CFCCB
Requests: 16 HTTP requests in this frame

Frame: https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26uid%3D33XUSERID33X
Frame ID: DE69175B3E06C19CB2F92E80618ABCF1
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: E757D81AC34879C8996669797A3D0A27
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 2645CBB5DF7543C30318118718D9E757
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 61AA0939ACAE4F745041FDCB9963DE93
Requests: 10 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=3e1961bb-84e0-4600-baae-3f1a6ae2d154&gdpr=0&gdpr_consent=
Frame ID: 1E8ECCDC8BF2394DB66CCEDEA1151C8C
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=atm&i=YbuE5QAMZMCMjQAz&gdpr=0&gdpr_consent=
Frame ID: 38D09C79C919B1E90CE536B462AA41AB
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV84MjNiYjhkNy0yOTdmLTRmNjctYjZjMS01OWE2ODYxZTNjMWM=&gdpr=0&gdpr_consent=
Frame ID: 1D42A7A6F11D7BC509C27693642E9A20
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: BB744537A30FFBEBD3BD1E4DC9E46449
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Frame ID: 07B52FC596015988BEE27BE477A248E3
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=ttd&i=81af1dac-941a-4a28-8cd7-842422c9914d&t=1642271206
Frame ID: 15D6329F2E903AB6DA38BBDE8C1FAA3C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: A3D6B9A8DE330F0F0B2FA17B6247BFD6
Requests: 3 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: EFF5A1DC10862AC1EF6B6CE7C99AF6BD
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YbuE5sCo8X0AAPIEBfMAAAAA
Frame ID: E07D3A4873DD6223B5D0D6252ACEEB5A
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=iZiRJqH0Dct0lOmeMB1y&pi=gumgum&tc=1
Frame ID: D6350DFC8737BC82F9B74C30518B25FC
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?ssp=pbs&redirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D44%26userId%3D%24UID
Frame ID: C005935FDB6B52198FD7DBB2C0317185
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Frame ID: D5E29B907EF17331818E777622880DBB
Requests: 3 HTTP requests in this frame

Frame: https://go.sonobi.com/uc.html?pubid=e55fb5d7c2
Frame ID: 73925C710C5E8ED62BEEF924701B9B1B
Requests: 1 HTTP requests in this frame

Frame: https://gift-connect-d.openx.net/w/1.0/cm?id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
Frame ID: C612C6680859E88C8CF0B25187EC9256
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&userIdMacro=PM_UID&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3DPM_UID
Frame ID: 278BB7B8506C50F661373F9E2DC27E0C
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?embedded=1&pubId=156858&siteId=630907&adId=2446008&vtype=1&imprId=E17CFCE0-A68C-4FD3-83BC-9AEF8FC48CDE&adServerId=243&campaignId=22918&crID=21ht9242&ucrid=12824810715055717997
Frame ID: D82B7DECCCAA17675487576B2A2BD64A
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 5885BE7AEFDBE67794B8319A4CF1D7F2
Requests: 8 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YbuE5QAMZMCMjQAz&gdpr=0&gdpr_consent=
Frame ID: 7E77D870C18D9E48AF90E856FCCF6D39
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Category: Videos | Threatpost

Page URL History Show full URLs

https://threatpost.com/category/videos/// HTTP 301
https://threatpost.com/category/videos/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

635
Requests

84 %
HTTPS

27 %
IPv6

99
Domains

177
Subdomains

123
IPs

12
Countries

9200 kB
Transfer

17849 kB
Size

134
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/Threatpost/

Search URL Search Domain Scan URL

URL: https://twitter.com/threatpost/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/threatpost/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/threatpost

Search URL Search Domain Scan URL

URL: https://feedly.com/threatpost

Search URL Search Domain Scan URL

URL: https://www.instagram.com/Threatpost/

Search URL Search Domain Scan URL

URL: http://twitter.com/search?q=%23cybersecurity
Title: #cybersecurity

Search URL Search Domain Scan URL

URL: https://t.co/y6ZfyTh5I0
Title: https://t.co/y6ZfyTh5I0

Search URL Search Domain Scan URL

URL: https://twitter.com/threatpost
Title: Follow @threatpost

Search URL Search Domain Scan URL

URL: https://media.threatpost.com/wp-content/uploads/sites/103/2021/12/09015533/ThreatpostMK_TEMPLATE.pdf
Title: Advertise With Us

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://threatpost.com/category/videos/// HTTP 301
https://threatpost.com/category/videos/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://cd.connatix.com/connatix.player.js HTTP 302
https://cds.connatix.com/p/142882/connatix.player.dc.js

Request Chain 131

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthreatpost.com%2F&domain=threatpost.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=aDKR63wrNHBGRFNZUnlpZUQ2MWFPVGpObCtUUUZlMDI0SXV6Z2Q2WVdIOWVVU0VvZUxxRFZQckxCd21ESlFDOHVOQ2EwSEpBYWZpYTZPTGgvQk9DUVFFaU9LMWdQN08vbjR4eHlCQmRvVURyUUFlZ1hGVnJqNXhueXlZZmNMNU5ucmpPaXVXb0RCT3VZYVVvbjFFc05tMTBySEFwYldlNUo2ZUo1dTc4dUhYSEhFRjdMU2F0WER2WFMwLzhqSUdwVmI0b1EyOEt0bnlTdklsQk4wL2I0SkQyVy9QMUtsNytSSUsySzFxbW1BZm91Z3FFPXw&cppv=2

Request Chain 161

https://ams1-ib.adnxs.com/vast_track/v2?info=agAAAAMArgAFAQnghLthAAAAABE6KSzXTqz8RBnghLthAAAAACCr5I6dASgAMMAIOOc3QMyyYUjD6pcCUJ-ZpQhY4dYBYgJERWgBcAF4AIABAogBAZABkAOYAeEBoAEAqAGr5I6dAbABAQ..&s=01bf964e8f0cd8df34dacaf8223d00b34ec7e534&event_type=1&redir=https%3A%2F%2Fams1-ib.adnxs.com%2Fab%3Fro%3D1%26an_audit%3D0%26referrer%3Dhttps%253A%252F%252Fthreatpost.com%252Fcategory%252Fvideos%252F%26e%3DwqT_3QLnD-jnBwAAAwDWAAUBCOCJ7o0GELrSsLntiav-RBgAKjYJcvkP6bcv3D8RW5TZIJOM1j8ZAAAAIIXrG0AhWw0SACkRJAAxARvArkfpPzCfmaUIOOc3QMAISFJQq-SOnQFYy496YABo56WpAXiD6AWAAQGKAQNVU0SSAQEG8MmYAQGgAQGoAQGwAQC4AQPAAQXIAQLQAQDYAQDgAQDwAQDYAtNH4ALX9zfqAidodHRwczovL3RocmVhdHBvc3QuY29tL2NhdGVnb3J5L3ZpZGVvcy_yAr0JChNUVERfVkFTVF9QQVJBTUVURVJTEqUJJnQ9MSZhaWQ9NDk3MTAzNzU0MzMyNzYwNzA5OCZ3cGM9VVNEJnNmZT0xM2YzMDRlMCZwdWlkPSZ0ZGlkPTAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwARnwizAwMCZwaWQ9cGo1NDlrbiZhZz1uZTZ4anhvJmFkdj03a24zMXRyJnNpZz0xNXFpOGRWMjhhZ21GUUh4VDFpa2hsa3ZSbGsyd2RweE5tNndOcm9XRXpPTS4mYnA9MC42MDY2Mjg3OTUxNDgzNDk1OTI0OSZjZj0yODI1NDM2JmZxPTAmdGRfcz10aHJlOSFQJnJjYXRzPW12ayZtY2F0PSZtc3RlPiQAOG1mbGQ9NCZtc3NpPSZtZgEG8KR1aG93PTExNSZhZ3NhPSZyZ3o9MjIwNDkmc3ZidHRkPTEmZHQ9UEMmb3NmPVdpbmRvd3Mmb3M9V2luZG93czEwJmJyPUNocm9tZSZybGFuZ3M9ZGUmbWxhbmc9JnN2cGlkPTcxNDMmZGlkPSZyY3h0PU90aGVyJmxhdD01My41NzAwMDAmbG9uPTEwLjA1MDAwMCZ0bXBjPSZkYWlkPSZ2cD0wJm8BqWhvc3Y9JmJmZmk9NDEmbWs9R29vZ2xlJm1kbD0JgAgrLSsNlvDeJnZwYj1QcmVSb2xsJmRjPTgyJnZjYz1FTFFCR0xRQk1nUUlBZ2dKT2dRSUFRZ0NRQUZJQVZBQ2lBRUNvQUdRQTZnQjRRSElBUUhRQVFQb0FRS0FBZ09LQWd3SUFRZ0VDQUlJQlFnRENBYWFBZ0lJQXFBQ0FxZ0NBc0FDQWcuLiZzdj1hcHBuZXh1cyZwaWRpPTMxMjEmYWR2aT0xODMyMDQmY21waT0yMDM3ODk5JmFnaT0xMDQ3MDY2MCZjcmlkaT0yMTU3MTI2MSZzdmk9NyZjbXA9MXdoOW8zdCZ2ciGWLDQlMmMxNSZydXJsPWUyICUzYSUyZiUyZjY4AxQlMmZjYXRlOgglMmZpPBAlMmYmdEGf9MkDcE1LZ0dLWE9oZGltV29IZHBpMWVwU1I5SE9BUVhaYlZJOTMybTg1S0dVcy4mYz1DZ2RIWlhKdFlXNTVFaUpHY21WbElHRnVaQ0JJWVc1elpXRjBhV01nUTJsMGVTQnZaaUJJWVcxaWRYSm5HZ0FpQjBoaGJXSjFjbWN3QWpnQ1NBQlFBWUFCQUlnQkFwQUJBQS4uJmR1cj1DakFLREdOb1lYSm5aUzFoYkd3dE1TSWdDUF9fX19fX19fX19fd0VTRTNSMFpGOWtZWFJoWDJWNFkyeDFjMmx2Ym5NLiZkdXJzPVV2QVh2cyZjcnJlbHI9JmFkcHQ9YW5vciZpcGw9MTczODY2NTUmZnBhPTcyNiZwY209MyZncmRjPUNBRS4mdmM9MyZzYWlkPTM2NzE4MjI4ODM1MTk2MzQwMzImaWN0PVVua25vd24mYXVjdD0xJmltPTEmbWM9OGI4ZTkyNTAtZDE5My00N2ZmLTg2ZmYtYTA3YjdmZmVlZDBm8gI9ChVUVERfVkFTVF9JTVBSRVNTSU9OSUQSJGUzNWM3YzY2LWM5YzEtNGQxNy04OWExLWE1N2Y1MzEwZmRmM4ADAIgDAZADAJgDF6ADAaoDxAEKlwFodHRwczovL2luc2lnaHQuYWRzcnZyLm9yZy9lbmR1c2VyL3Zhc3QvP2lpZD0ke1RURF9WQVNUX0lNUFJFU1NJT05JRH0mY3JpZD1naHE0Nm9qZiZ0dGRfcHJldmlldz0ke0lTX1BSRVZJRVd9JndwPSR7QVVDVElPTl9QUklDRX0ke1RURF9WQVNUX1BBUkFNRVRFUlN9GhM0OTcxMDM3NTQzMzI3NjA3MDk4KgQzMTIxOg1vcnRiLWdocTQ2b2pmwAPgqAHIAwDYA7bVtwHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMTM2LjI0My4xOTguODGoBACyBBAIARAEGJADIOEBKAIwADgDuAQAwAQAyAQA2gQCCAHgBADwBKvkjp0BiAUBmAUAoAXwtNrS1e67-jLABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXh1gH6BQQIABAAkAYBmAYAuAYAwQYAAAAAAADwP9AGjdgB2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGBPIGAggAgAcBiAcAoAdAqgcHMXdoOW8zdLoHDwgAEAAYACAAMAA4wAZAAMgHg-gF0gcNCQAAAAAAAAAAEAAYANoHBggAEAAYAOAHAOoHAggA8AfViwOKCAIQAA..%26s%3D906fca925210de081edb863ef21f30d24bca0b86 HTTP 302
https://ams1-ib.adnxs.com/ab?ro=1&an_audit=0&referrer=https%3A%2F%2Fthreatpost.com%2Fcategory%2Fvideos%2F&e=wqT_3QLnD-jnBwAAAwDWAAUBCOCJ7o0GELrSsLntiav-RBgAKjYJcvkP6bcv3D8RW5TZIJOM1j8ZAAAAIIXrG0AhWw0SACkRJAAxARvArkfpPzCfmaUIOOc3QMAISFJQq-SOnQFYy496YABo56WpAXiD6AWAAQGKAQNVU0SSAQEG8MmYAQGgAQGoAQGwAQC4AQPAAQXIAQLQAQDYAQDgAQDwAQDYAtNH4ALX9zfqAidodHRwczovL3RocmVhdHBvc3QuY29tL2NhdGVnb3J5L3ZpZGVvcy_yAr0JChNUVERfVkFTVF9QQVJBTUVURVJTEqUJJnQ9MSZhaWQ9NDk3MTAzNzU0MzMyNzYwNzA5OCZ3cGM9VVNEJnNmZT0xM2YzMDRlMCZwdWlkPSZ0ZGlkPTAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwARnwizAwMCZwaWQ9cGo1NDlrbiZhZz1uZTZ4anhvJmFkdj03a24zMXRyJnNpZz0xNXFpOGRWMjhhZ21GUUh4VDFpa2hsa3ZSbGsyd2RweE5tNndOcm9XRXpPTS4mYnA9MC42MDY2Mjg3OTUxNDgzNDk1OTI0OSZjZj0yODI1NDM2JmZxPTAmdGRfcz10aHJlOSFQJnJjYXRzPW12ayZtY2F0PSZtc3RlPiQAOG1mbGQ9NCZtc3NpPSZtZgEG8KR1aG93PTExNSZhZ3NhPSZyZ3o9MjIwNDkmc3ZidHRkPTEmZHQ9UEMmb3NmPVdpbmRvd3Mmb3M9V2luZG93czEwJmJyPUNocm9tZSZybGFuZ3M9ZGUmbWxhbmc9JnN2cGlkPTcxNDMmZGlkPSZyY3h0PU90aGVyJmxhdD01My41NzAwMDAmbG9uPTEwLjA1MDAwMCZ0bXBjPSZkYWlkPSZ2cD0wJm8BqWhvc3Y9JmJmZmk9NDEmbWs9R29vZ2xlJm1kbD0JgAgrLSsNlvDeJnZwYj1QcmVSb2xsJmRjPTgyJnZjYz1FTFFCR0xRQk1nUUlBZ2dKT2dRSUFRZ0NRQUZJQVZBQ2lBRUNvQUdRQTZnQjRRSElBUUhRQVFQb0FRS0FBZ09LQWd3SUFRZ0VDQUlJQlFnRENBYWFBZ0lJQXFBQ0FxZ0NBc0FDQWcuLiZzdj1hcHBuZXh1cyZwaWRpPTMxMjEmYWR2aT0xODMyMDQmY21waT0yMDM3ODk5JmFnaT0xMDQ3MDY2MCZjcmlkaT0yMTU3MTI2MSZzdmk9NyZjbXA9MXdoOW8zdCZ2ciGWLDQlMmMxNSZydXJsPWUyICUzYSUyZiUyZjY4AxQlMmZjYXRlOgglMmZpPBAlMmYmdEGf9MkDcE1LZ0dLWE9oZGltV29IZHBpMWVwU1I5SE9BUVhaYlZJOTMybTg1S0dVcy4mYz1DZ2RIWlhKdFlXNTVFaUpHY21WbElHRnVaQ0JJWVc1elpXRjBhV01nUTJsMGVTQnZaaUJJWVcxaWRYSm5HZ0FpQjBoaGJXSjFjbWN3QWpnQ1NBQlFBWUFCQUlnQkFwQUJBQS4uJmR1cj1DakFLREdOb1lYSm5aUzFoYkd3dE1TSWdDUF9fX19fX19fX19fd0VTRTNSMFpGOWtZWFJoWDJWNFkyeDFjMmx2Ym5NLiZkdXJzPVV2QVh2cyZjcnJlbHI9JmFkcHQ9YW5vciZpcGw9MTczODY2NTUmZnBhPTcyNiZwY209MyZncmRjPUNBRS4mdmM9MyZzYWlkPTM2NzE4MjI4ODM1MTk2MzQwMzImaWN0PVVua25vd24mYXVjdD0xJmltPTEmbWM9OGI4ZTkyNTAtZDE5My00N2ZmLTg2ZmYtYTA3YjdmZmVlZDBm8gI9ChVUVERfVkFTVF9JTVBSRVNTSU9OSUQSJGUzNWM3YzY2LWM5YzEtNGQxNy04OWExLWE1N2Y1MzEwZmRmM4ADAIgDAZADAJgDF6ADAaoDxAEKlwFodHRwczovL2luc2lnaHQuYWRzcnZyLm9yZy9lbmR1c2VyL3Zhc3QvP2lpZD0ke1RURF9WQVNUX0lNUFJFU1NJT05JRH0mY3JpZD1naHE0Nm9qZiZ0dGRfcHJldmlldz0ke0lTX1BSRVZJRVd9JndwPSR7QVVDVElPTl9QUklDRX0ke1RURF9WQVNUX1BBUkFNRVRFUlN9GhM0OTcxMDM3NTQzMzI3NjA3MDk4KgQzMTIxOg1vcnRiLWdocTQ2b2pmwAPgqAHIAwDYA7bVtwHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMTM2LjI0My4xOTguODGoBACyBBAIARAEGJADIOEBKAIwADgDuAQAwAQAyAQA2gQCCAHgBADwBKvkjp0BiAUBmAUAoAXwtNrS1e67-jLABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXh1gH6BQQIABAAkAYBmAYAuAYAwQYAAAAAAADwP9AGjdgB2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGBPIGAggAgAcBiAcAoAdAqgcHMXdoOW8zdLoHDwgAEAAYACAAMAA4wAZAAMgHg-gF0gcNCQAAAAAAAAAAEAAYANoHBggAEAAYAOAHAOoHAggA8AfViwOKCAIQAA..&s=906fca925210de081edb863ef21f30d24bca0b86

Request Chain 179

https://c1.adform.net/serving/cookie/match?party=14&cid=1520C0B0-4915-482E-8EDE-84F1E7A611CA HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=1520C0B0-4915-482E-8EDE-84F1E7A611CA

Request Chain 180

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7918867047318286971

Request Chain 182

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FSDAsEkVSC6O3oTx56YRyg%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 183

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=3e1961bb-84e0-4600-baae-3f1a6ae2d154

Request Chain 184

https://pixel.onaudience.com/?partner=214&mapped=1520C0B0-4915-482E-8EDE-84F1E7A611CA HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
https://pixel.onaudience.com/?partner=147&mapped=81af1dac-941a-4a28-8cd7-842422c9914d&icm

Request Chain 185

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTUyMEMwQjAtNDkxNS00ODJFLThFREUtODRGMUU3QTYxMUNB&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 186

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEA96iYDAMFgHGQwZw5WOPrg&google_cver=1

Request Chain 188

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:73a761bb-84e0-4300-8a07-f10c0b0d3e09&gdpr=0&gdpr_consent=

Request Chain 261

https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=&_test=YbuE5QAMZMCMjQAz HTTP 302
https://pixel.advertising.com/ups/55986/sync?uid=YbuE5QAMZMCMjQAz&_origin=0&gdpr=0&gdpr_consent=&_test=YbuE5QAMZMCMjQAz HTTP 302
https://ups.analytics.yahoo.com/ups/55986/sync?uid=YbuE5QAMZMCMjQAz&_origin=0&gdpr=0&gdpr_consent=&_test=YbuE5QAMZMCMjQAz&apid=UPb81cbc5c-5e9d-11ec-b14d-060408bf6fde

Request Chain 262

https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true HTTP 302
https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UPb81cbc5c-5e9d-11ec-b14d-060408bf6fde HTTP 302
https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UPb81cbc5c-5e9d-11ec-b14d-060408bf6fde&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVBiODFjYmM1Yy01ZTlkLTExZWMtYjE0ZC0wNjA0MDhiZjZmZGU%3D HTTP 302
https://pixel.advertising.com/ups/57304/sync?uid=CAESEGQoUdcvjd9DF_Z1KSvxuN4&google_cver=1 HTTP 302
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEGQoUdcvjd9DF_Z1KSvxuN4&google_cver=1&apid=UPb81cbc5c-5e9d-11ec-b14d-060408bf6fde

Request Chain 263

https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=81af1dac-941a-4a28-8cd7-842422c9914d&_origin=1&gdpr=1&gdpr_consent=

Request Chain 278

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKsr_lBfwS0OJfOfrwAiyxk&google_cver=1&gdpr=0

Request Chain 279

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgdpr%3D0%26google_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=casale_media2_dsp_secure&google_cm&google_hm=YbuE48FpMdYRks.S89acmwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKsr_lBfwS0OJfOfrwAiyxk&google_cver=1&gdpr=0&google_hm=2

Request Chain 280

https://gcdn.2mdn.net/videoplayback/id/e51b66ca9c20e70e/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3783579597/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/6D9436CB96F0F3949F20C0D49E9BA8F0DBE475F3.6A5776B5508E69115838A31C089414A3C1CE68ED/key/ck2/file/file.mp4 HTTP 302
https://r1---sn-4g5lzne6.c.2mdn.net/videoplayback/id/e51b66ca9c20e70e/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3783579597/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4A4008D0968B34530C22765FD124CCEAD8307D91.1531ABD59DCDA9B5647DFC8DE4E609B41D4D8337/key/cms1/cms_redirect/yes/mh/RS/mip/2a01:4f8:212:78e:2b::1/mm/42/mn/sn-4g5lzne6/ms/onc/mt/1639678855/mv/m/mvi/1/pl/52/file/file.mp4

Request Chain 286

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKsr_lBfwS0OJfOfrwAiyxk&google_cver=1&gdpr=0

Request Chain 287

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=casale_media2_dsp_secure&google_cm&google_hm=YbuE48FpMdYRks.S89acmwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKsr_lBfwS0OJfOfrwAiyxk&google_cver=1&gdpr=0&google_hm=2

Request Chain 291

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEE3iSRFfexKw2wLaVhuvxVg&google_cver=1

Request Chain 292

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzM0Mzk1NzYyMDU0MzY4NDQwNA%3D%3D

Request Chain 293

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHHVn4cPGPr13p87FXxsUvY&google_cver=1&gdpr=0

Request Chain 294

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MjhkMDJjYWItODczNy0yZmU0LWUxNjEtYTAwMTFhMDczNGY5

Request Chain 299

https://gcdn.2mdn.net/videoplayback/id/2e75bb2624bcc57d/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3783491777/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/28C7157BCE8602A4F79E00D27158C5841A6165F9.B9CB3BF7233B4D97FD6D2B592645CF8BBC4CBCCB/key/ck2/file/file.mp4?cpn=x6RQ-2M0UlDcGe_j HTTP 302
https://r2---sn-4g5edndl.c.2mdn.net/videoplayback/id/2e75bb2624bcc57d/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3783491777/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0675F638529AF3AC68BE841756C3E2BA8F68BE07.79C747EDD4D0CABCEB1EAAAE986D483FD4BBE356/key/cms1/cms_redirect/yes/mh/6W/mip/2a01:4f8:212:78e:2b::1/mm/42/mn/sn-4g5edndl/ms/onc/mt/1639679095/mv/m/mvi/2/pl/52?cpn=x6RQ-2M0UlDcGe_j&file=file.mp4

Request Chain 300

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=3e1961bb-84e0-4600-baae-3f1a6ae2d154

Request Chain 301

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=HnGuSRB0qE0FJK8cGHjhSh8i-R8FJKkYGXlqX0Zt

Request Chain 302

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2929780910311444289

Request Chain 305

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHHVn4cPGPr13p87FXxsUvY&google_cver=1

Request Chain 306

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=3e1961bb-84e0-4600-baae-3f1a6ae2d154

Request Chain 307

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=HnGuSRB0qE0FJK8cGHjhSh8i-R8FJKkYGXlqX0Zt

Request Chain 308

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2929780910311444289

Request Chain 311

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHHVn4cPGPr13p87FXxsUvY&google_cver=1

Request Chain 334

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7042368557124876440

Request Chain 335

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=1520C0B0-4915-482E-8EDE-84F1E7A611CA&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=1520C0B0-4915-482E-8EDE-84F1E7A611CA&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=1520C0B0-4915-482E-8EDE-84F1E7A611CA&addseg=19,36,42

Request Chain 336

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=1520C0B0-4915-482E-8EDE-84F1E7A611CA&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=1520C0B0-4915-482E-8EDE-84F1E7A611CA&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 338

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=1520C0B0-4915-482E-8EDE-84F1E7A611CA HTTP 302
https://a.audrte.com/p

Request Chain 339

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=81af1dac-941a-4a28-8cd7-842422c9914d

Request Chain 340

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2929780910311444289

Request Chain 341

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3343957620543684404&gdpr=0&gdpr_consent=

Request Chain 342

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=0DwEY945AmfLaQU21jVLYNFvUzXLaQMy1zREmXdA

Request Chain 343

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=1520C0B0-4915-482E-8EDE-84F1E7A611CA&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-.tnAb_9E2uWkxI73Sgt3s1.LInRB3Jw-~A&gdpr=0&gdpr_consent=

Request Chain 344

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YbuE48FpMdYRks-S89acmwAABIkAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YbuE48FpMdYRks-S89acmwAABIkAAAAB&dcc=t

Request Chain 345

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YbuE48FpMdYRks-S89acmwAABIkAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENn4RGneShp1yoyf9x4cCt8&google_cver=1

Request Chain 350

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YbuE5gAMZSbHvQAz HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YbuE5gAMZSbHvQAz&gdpr=1&_test=YbuE5gAMZSbHvQAz

Request Chain 351

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1642271204

Request Chain 353

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YbuE48FpMdYRks-S89acmwAABIkAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YbuE48FpMdYRks-S89acmwAABIkAAAAB&dcc=t

Request Chain 355

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YbuE48FpMdYRks-S89acmwAABIkAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENn4RGneShp1yoyf9x4cCt8&google_cver=1

Request Chain 359

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1642271204

Request Chain 364

https://um2.eqads.com/um/cs HTTP 302
https://um2.eqads.com/um/cs&eq_cc=1

Request Chain 377

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 437

https://eb2.3lift.com/sync HTTP 302
https://eb2.3lift.com/sync?&ld=1

Request Chain 444

https://sync.serverbid.com/ss/2000891.html HTTP 302
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html

Request Chain 451

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=1tDHbrUE1MXVsN5

Request Chain 452

https://x.bidswitch.net/sync?ssp=openx HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=openx&bds_param=1f84e4a2-4b65-4f6b-969d-c68d9d026a21 HTTP 302
https://x.bidswitch.net/sync?dsp_id=340&user_id=95365e04-c8af-4a62-a1ef-30ebeec74c2f&expires=10&ssp=openx&bsw_param=1f84e4a2-4b65-4f6b-969d-c68d9d026a21 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072968&val=1f84e4a2-4b65-4f6b-969d-c68d9d026a21

Request Chain 453

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=3343957620543684404

Request Chain 454

https://match.prod.bidr.io/cookie-sync/ox HTTP 303
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFJWHNrN0Rkd29BQUQtaVprVnFMZw&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1

Request Chain 456

https://ad.mrtnsvr.com/sync/triplelift HTTP 302
https://eb2.3lift.com/xuidmid=7976&xuid=Bs2tB4OfM&dongle=u6nf

Request Chain 457

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEBNP-OSmUuLGUz4eSDmYx68&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1

Request Chain 458

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM0MjAzODAzNTczNzA5NTYzNjE%3D

Request Chain 460

https://pr-bh.ybp.yahoo.com/sync/triplelift/13420380357370956361?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2662&xuid=y-I9_oQD9E2oSfgp9WWiyH8u7JxTk.yP1jSAHjHSnugw--~A&dongle=0883

Request Chain 463

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=13420380357370956361 HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=13420380357370956361&dcc=t

Request Chain 464

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

Request Chain 471

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
https://ads.servenobid.com/sync?pid=312&uid=3343957620543684404

Request Chain 472

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
https://ads.servenobid.com/sync?pid=310&uid=3dca89b7fdd10c39453eec1d

Request Chain 473

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=444403837 HTTP 302
https://sync.1rx.io/usersync/tradedesk/81af1dac-941a-4a28-8cd7-842422c9914d HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-2b95287c-c7c2-4d50-bd82-7ce23c3e787b-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-2b95287c-c7c2-4d50-bd82-7ce23c3e787b-003 HTTP 302
https://ads.servenobid.com/sync?pid=321&uid=RX-2b95287c-c7c2-4d50-bd82-7ce23c3e787b-003

Request Chain 475

https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
https://ads.servenobid.com/sync?pid=324&uid=969751677169756561

Request Chain 477

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
https://ads.servenobid.com/sync?pid=327&uid=085e865d-3ae0-41ec-a6d0-44825dac8346&gdpr=0&gdpr_consent=&us_privacy=1YN-

Request Chain 478

https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
https://ads.servenobid.com/sync?pid=337&uid=y-Sa_Mxe5E2uHKcHC3M3fyjthF3K86tBMTUrRwN.s-~A

Request Chain 482

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3e1961bb-84e0-4600-baae-3f1a6ae2d154&gdpr=1&gdpr_consent=

Request Chain 483

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YbuE48FpMdYRks-S89acmwAABIkAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YbuE48FpMdYRks-S89acmwAABIkAAAAB&dcc=t

Request Chain 484

https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-56891bea-9fa6-48ef-80f9-0c79bc24b2b4

Request Chain 486

https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=Ye4Bjm_rB4p6uwDbZ-dOjWC9Vth6uwbfZuau00Xi

Request Chain 490

https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7881695143172826811

Request Chain 492

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YbuE48FpMdYRks-S89acmwAABIkAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENn4RGneShp1yoyf9x4cCt8&google_cver=1

Request Chain 493

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1639765606&gdpr=1

Request Chain 494

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3e1961bb-84e0-4600-baae-3f1a6ae2d154&gdpr=1&gdpr_consent=

Request Chain 498

https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7042368557124876440&gdpr=0&gdpr_consent=

Request Chain 499

https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=a2cc65bc-2b67-4f97-9adc-e7b868356304&gdpr=0&gdpr_consent=

Request Chain 501

https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent= HTTP 302
https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=smartadserver&g=1&gdpr_pd=&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=smartadserver HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=1f84e4a2-4b65-4f6b-969d-c68d9d026a21&gdpr=&gdpr_consent=

Request Chain 502

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://rtb.gumgum.com/usersync?b=apn&i=3343957620543684404

Request Chain 503

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_823bb8d7-297f-4f67-b6c1-59a6861e3c1c&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2 HTTP 302
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2 HTTP 302
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=6e4218d0-9603-44be-8e63-3bea50b05bdf&ssp=gumgum2 HTTP 302
https://rtb.gumgum.com/usersync?b=bsw&i=1f84e4a2-4b65-4f6b-969d-c68d9d026a21

Request Chain 504

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28hpurPWIk5LnyuDuc8wg0AMNEF4j2b2YK3u04jR6F2Vd70exoqh2JX8ZiOsokTdwe%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28hpurPWIk5LnyuDuc8wg0AMNEF4j2b2YK3u04jR6F2Vd70exoqh2JX8ZiOsokTdwe%29 HTTP 302
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_823bb8d7-297f-4f67-b6c1-59a6861e3c1c&obuid=ENC(hpurPWIk5LnyuDuc8wg0AMNEF4j2b2YK3u04jR6F2Vd70exoqh2JX8ZiOsokTdwe) HTTP 302
https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
https://pixel.advertising.com/ups/58440/sync?&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58440/sync?&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&redir=true&apid=UPb81cbc5c-5e9d-11ec-b14d-060408bf6fde HTTP 302
https://sync.outbrain.com/cookie-sync?p=oath&uid=UPb81cbc5c-5e9d-11ec-b14d-060408bf6fde

Request Chain 505

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://rtb.gumgum.com/usersync?b=opx&i=f3825b11-6655-4916-93fa-ea5518b5fbdf

Request Chain 506

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=sta&i=0-2c176b07-fb37-472a-407e-dca8367fdef9$ip$136.243.198.81

Request Chain 507

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=oth&i=y-KYRpw9JE2pdambBcotkC1.tYVP..9Zt2afx4~A

Request Chain 508

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
https://rtb.gumgum.com/usersync?b=vnt&i=b9f0e088-5e9d-11ec-9c17-0b6051703b96

Request Chain 511

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_823bb8d7-297f-4f67-b6c1-59a6861e3c1c&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://stags.bluekai.com/site/23178?id=0hyxAjurBTuRUAauRUoL&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2MDIPF4EC2TVOJBFI5KSKVAWC5KSKVXUYJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2MDIPF4EC2TVOJBFI5KSKVAWC5KSKVXUYJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=0hyxAjurBTuRUAauRUoL&us_privacy=1---

Request Chain 512

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://rtb.gumgum.com/usersync?b=idi&i=2a62fc15-5da3-4f47-9195-334c2f3eb417

Request Chain 513

https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-2b95287c-c7c2-4d50-bd82-7ce23c3e787b-003&rndcb=3437320458 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=1f84e4a2-4b65-4f6b-969d-c68d9d026a21&google_hm=MWY4NGU0YTItNGI2NS00ZjZiLTk2OWQtYzY4ZDlkMDI2YTIx HTTP 302
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEDStz3Ve8t6LCltQwXYJ0Gg&google_cver=1&ssp=adconductor&bsw_param=1f84e4a2-4b65-4f6b-969d-c68d9d026a21 HTTP 302
https://sync.1rx.io/usersync/bidswitch/1f84e4a2-4b65-4f6b-969d-c68d9d026a21?gdpr=&gdpr_consent= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-2b95287c-c7c2-4d50-bd82-7ce23c3e787b-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-2b95287c-c7c2-4d50-bd82-7ce23c3e787b-003 HTTP 302
https://rtb.gumgum.com/usersync?b=rhy&i=RX-2b95287c-c7c2-4d50-bd82-7ce23c3e787b-003

Request Chain 514

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://rtb.gumgum.com/usersync?b=pln&i=2LSdrUAgy4CE&ev=1&pid=558355

Request Chain 517

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
https://rtb.gumgum.com/usersync?b=mmh&i=3e1961bb-84e0-4600-baae-3f1a6ae2d154&gdpr=0&gdpr_consent=

Request Chain 518

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=atm&i=YbuE5QAMZMCMjQAz&gdpr=0&gdpr_consent=

Request Chain 522

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=ttd&i=81af1dac-941a-4a28-8cd7-842422c9914d&t=1642271206

Request Chain 523

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
https://eus.rubiconproject.com/usync.html?p=gumgum

Request Chain 525

https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
https://rtb.gumgum.com/usersync?b=sus&i=YbuE5sCo8X0AAPIEBfMAAAAA

Request Chain 526

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
https://rtb.gumgum.com/usersync?b=rth&i=iZiRJqH0Dct0lOmeMB1y&pi=gumgum&tc=1

Request Chain 528

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east

Request Chain 532

https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=3343957620543684404

Request Chain 533

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YbuE48FpMdYRks.S89acmwAA%261161

Request Chain 534

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID HTTP 307
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=3dca89b7fdd10c39453eec1d

Request Chain 536

https://pixel.advertising.com/ups/56621/occ HTTP 302
https://ups.analytics.yahoo.com/ups/56621/occ?apid=UPb81cbc5c-5e9d-11ec-b14d-060408bf6fde HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPb81cbc5c-5e9d-11ec-b14d-060408bf6fde

Request Chain 537

https://e.serverbid.com/udb/9969/match?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dco%26nuid%3D HTTP 302
https://sync.go.sonobi.com/us.gif?nw=co&nuid=ue1-sb1-88d5e815-c6d1-46e7-b270-140f00e203f4

Request Chain 538

https://e.serverbid.com/udb/9969/match?redir=https%3A%2F%2Fi.liadm.com%2Fs%2F56939%3Fbidder_id%3D203802%26bidder_uuid%3D HTTP 302
https://i.liadm.com/s/56939?bidder_id=203802&bidder_uuid=ue1-sb1-88d5e815-c6d1-46e7-b270-140f00e203f4 HTTP 303
https://i.liadm.com/s/56939?bidder_id=203802&bidder_uuid=ue1-sb1-88d5e815-c6d1-46e7-b270-140f00e203f4&_li_chk=true&previous_uuid=ba9f81572fa545fbb5522fbdc155b74c HTTP 303
https://i6.liadm.com/s/56939?bidder_id=203802&bidder_uuid=ue1-sb1-88d5e815-c6d1-46e7-b270-140f00e203f4

Request Chain 541

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KX9ANRYU-S-3VJ7&sigv=1&esig=2~9c03921dbefd79ea9e518b53c993aec491db4665

Request Chain 542

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/P9JisBL4eDAFS5Ye0cseJQ?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=9106965456346636601

Request Chain 543

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YbuE5QAMZMCMjQAz

Request Chain 544

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=3e1961bb-84e0-4600-baae-3f1a6ae2d154&expires=28

Request Chain 545

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMZjEY453xCKQnlgOZBUpgQ&google_cver=1

Request Chain 547

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTAxMWEyZWU3Y2RlOGIxMGI5ZTM0ZjVlZGY1ZThhYjc5OGVmMzViMA

Request Chain 548

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1g5QU5SWVUtUy0zVko3

Request Chain 626

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YbuE5QAMZMCMjQAz&gdpr=0&gdpr_consent=

Request Chain 627

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1434631964 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0

Request Chain 629

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic

Request Chain 630

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7881695143172826811&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 632

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

635 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
threatpost.com/category/videos/
Redirect Chain

https://threatpost.com/category/videos///
https://threatpost.com/category/videos/

84 KB
19 KB

427ms
214ms

Document
text/html

35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://threatpost.com/category/videos/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-173-160-135.compute-1.amazonaws.com

Software

nginx /

Resource Hash

380aae00ec378f9a6905d27e8b7b671a15fd216b52ae30a98361b5d9e1b3e822

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Thu, 16 Dec 2021 18:26:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Link: <https://threatpost.com/wp-json/>; rel="https://api.w.org/" <https://threatpost.com/wp-json/wp/v2/categories/43229>; rel="alternate"; type="application/json"
X-Frame-Options: SAMEORIGIN
X-Debug-Auth: off
X-Request-Host: threatpost.com
x-cache-hit: HIT
Content-Encoding: gzip

Redirect headers

Server: nginx
Date: Thu, 16 Dec 2021 18:26:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Redirect-By: WordPress
Location: https://threatpost.com/category/videos/
X-Frame-Options: SAMEORIGIN
X-Debug-Auth: off
X-Request-Host: threatpost.com
x-cache-hit: MISS

GET
H/1.1 200
OK museosans-900italic-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 15 KB
15 KB 425ms
212ms Font
font/woff2 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-900italic-webfont.woff2
Requested by: Host: threatpost.com
URL: https://threatpost.com/category/videos/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 8edaef698e025c37ba9e8d632a895d7252c62251df3f095d5cff17b6f3304854

Request headers

Referer: https://threatpost.com/category/videos/
Origin: https://threatpost.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 18:26:38 GMT
Last-Modified: Wed, 15 Dec 2021 15:03:25 GMT
Server: nginx
ETag: "61ba03bd-3ca8"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Content-Length: 15528

GET
H/1.1 200
OK museosans-900-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 20 KB
21 KB 426ms
213ms Font
font/woff2 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-900-webfont.woff2
Requested by: Host: threatpost.com
URL: https://threatpost.com/category/videos/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 4823c011e4b4cb4b7f35ced3ab09d57215ee243676d9bfcc24d10ec77d3db398

Request headers

Referer: https://threatpost.com/category/videos/
Origin: https://threatpost.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 18:26:38 GMT
Last-Modified: Wed, 15 Dec 2021 15:03:25 GMT
Server: nginx
ETag: "61ba03bd-5124"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Content-Length: 20772

GET
H/1.1 200
OK museosans-700italic-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 15 KB
16 KB 423ms
210ms Font
font/woff2 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-700italic-webfont.woff2
Requested by: Host: threatpost.com
URL: https://threatpost.com/category/videos/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 859faa9b9ed0990288b2f393a102b1fe2668ac79088b113b6f0beaee521221eb

Request headers

Referer: https://threatpost.com/category/videos/
Origin: https://threatpost.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 18:26:38 GMT
Last-Modified: Wed, 15 Dec 2021 15:03:26 GMT
Server: nginx
ETag: "61ba03be-3dcc"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Content-Length: 15820

GET
H/1.1 200
OK museosans-700-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 20 KB
21 KB 424ms
210ms Font
font/woff2 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-700-webfont.woff2
Requested by: Host: threatpost.com
URL: https://threatpost.com/category/videos/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: ae00ae9c862bc8b8923efd1d9a18befa912678a869d4dd01179a59ed3de731be

Request headers

Referer: https://threatpost.com/category/videos/
Origin: https://threatpost.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 18:26:38 GMT
Last-Modified: Wed, 15 Dec 2021 15:03:26 GMT
Server: nginx
ETag: "61ba03be-51a4"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Content-Length: 20900

GET
H/1.1 200
OK museosans-500italic-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 23 KB
23 KB 425ms
211ms Font
font/woff2 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-500italic-webfont.woff2
Requested by: Host: threatpost.com
URL: https://threatpost.com/category/videos/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 17aee1fe3d7d16e647b97f568230c2ff36c1855ce35ce930c26aec5d2c58eaf4

Request headers

Referer: https://threatpost.com/category/videos/
Origin: https://threatpost.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 18:26:38 GMT
Last-Modified: Wed, 15 Dec 2021 15:03:26 GMT
Server: nginx
ETag: "61ba03be-5c74"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Content-Length: 23668

GET
H/1.1 200
OK museosans-500-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 20 KB
21 KB 427ms
211ms Font
font/woff2 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-500-webfont.woff2
Requested by: Host: threatpost.com
URL: https://threatpost.com/category/videos/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 2de77164bb9924542e1dea4ee4a0ff27d40b51a3d7939dac7db11a95045c9b7d

Request headers

Referer: https://threatpost.com/category/videos/
Origin: https://threatpost.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 18:26:38 GMT
Last-Modified: Wed, 15 Dec 2021 15:03:25 GMT
Server: nginx
ETag: "61ba03bd-5194"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Content-Length: 20884

GET
H/1.1 200
OK museosans-300italic-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 23 KB
23 KB 849ms
213ms Font
font/woff2 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-300italic-webfont.woff2
Requested by: Host: threatpost.com
URL: https://threatpost.com/category/videos/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: f8a2b5b62eb722c3379b30cf0cc58d3176ee6be48036d6ad2aa838d2029c4189

Request headers

Referer: https://threatpost.com/category/videos/
Origin: https://threatpost.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 18:26:38 GMT
Last-Modified: Wed, 15 Dec 2021 15:03:25 GMT
Server: nginx
ETag: "61ba03bd-5bac"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Content-Length: 23468

GET
H/1.1 200
OK museosans-300-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 20 KB
21 KB 852ms
214ms Font
font/woff2 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-300-webfont.woff2
Requested by: Host: threatpost.com
URL: https://threatpost.com/category/videos/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 45ddc09b0ad6ab916bd9a0282070b161045e186fc025303f4aa1aa821fc45ac7

Request headers

Referer: https://threatpost.com/category/videos/
Origin: https://threatpost.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 18:26:38 GMT
Last-Modified: Wed, 15 Dec 2021 15:03:25 GMT
Server: nginx
ETag: "61ba03bd-51b8"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Content-Length: 20920

GET
H/1.1 200
OK museosans-100italic-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 23 KB
23 KB 853ms
212ms Font
font/woff2 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-100italic-webfont.woff2
Requested by: Host: threatpost.com
URL: https://threatpost.com/category/videos/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 038fc4d49a9191d416d49841f371b6e0b06bb40f719124099d40fe8f393b9e2c

Request headers

Referer: https://threatpost.com/category/videos/
Origin: https://threatpost.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 18:26:38 GMT
Last-Modified: Wed, 15 Dec 2021 15:03:25 GMT
Server: nginx
ETag: "61ba03bd-5b34"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Content-Length: 23348

GET
H/1.1 200
OK museosans-100-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 20 KB
20 KB 852ms
211ms Font
font/woff2 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-100-webfont.woff2
Requested by: Host: threatpost.com
URL: https://threatpost.com/category/videos/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 06fc565587b8b700936a1677218cb269a6cc31ca5f701eb45461e86a3d54d5c7

Request headers

Referer: https://threatpost.com/category/videos/
Origin: https://threatpost.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 18:26:38 GMT
Last-Modified: Wed, 15 Dec 2021 15:03:26 GMT
Server: nginx
ETag: "61ba03be-50c8"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Content-Length: 20680

GET
H2 200 op.js Show response
tagan.adlightning.com/math-aids-threatpost/ 44 KB
19 KB 57ms
26ms Script
application/javascript 143.204.98.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Requested by: Host: threatpost.com
URL: https://threatpost.com/category/videos/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-122.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 52aa00f47256e3dbe7e2e650684491fed0dd474663ba75b4224e6b78e28468e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: Q84bFVFM9NBMwKHwOuvJUC59nl9NNXkP
content-encoding: gzip
etag: "de0056291b99580510ec6e2a494b9a5d"
age: 2100
x-cache: Hit from cloudfront
content-length: 18646
x-amz-meta-git_commit: 7b120a5
last-modified: Thu, 16 Dec 2021 14:46:02 GMT
server: AmazonS3
date: Thu, 16 Dec 2021 17:55:10 GMT
content-type: application/javascript
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: 5l45Um0j8RK4gbZ7si9QCRUyBuatv9kdyY7CvIar-7wtfn9Zzrzf2Q==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 78 KB
27 KB 39ms
17ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: threatpost.com
URL: https://threatpost.com/category/videos/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1072 / 582 of 1000 / last-modified: 1639397097"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26912
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Dec 2021 18:26:39 GMT

GET
H2 200 ros-layout.js Show response
qd.admetricspro.com/js/threatpost/ 26 KB
4 KB 40ms
18ms Script
application/javascript 2606:4700:3030::ac43:cf70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qd.admetricspro.com/js/threatpost/ros-layout.js
Requested by: Host: threatpost.com
URL: https://threatpost.com/category/videos/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:cf70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fddec1cb13ee6848cce386a733d405fff2be9ab4d904f55a1d15c7cc84f410d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:38 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 253
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 03 Nov 2021 12:58:13 GMT
server: cloudflare
etag: W/"67a6-5cfe1f68177b1-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xqTcymaE1jBl0f4I7QcVL%2BxwP1514nTc9mWdzmp%2FM81wZHIdkNX4p%2B5XHySfA6eP1f3v53wBU%2BU%2FvNARQp7eX%2BP02IhEScOjC837NooCNvIAzBziHS%2FkvlLIaY4RUV68%2FszUZakj0%2BWUSdczq%2FvEa59L"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 6be9f60cadef4d89-FRA
expires: Thu, 16 Dec 2021 18:31:53 GMT

GET
H2 200 cmp.js Show response
qd.admetricspro.com/js/threatpost/ 310 KB
90 KB 27ms
25ms Script
application/javascript 2606:4700:3030::ac43:cf70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qd.admetricspro.com/js/threatpost/cmp.js
Requested by: Host: threatpost.com
URL: https://threatpost.com/category/videos/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:cf70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 519815bc4a3dd9a571cb56f57c7c6abfbda2b4e2de8c4b884a7535a1705438f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 27
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 01 Jun 2021 14:47:10 GMT
server: cloudflare
etag: W/"4d957-5c3b56abf6028-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OWYVb8T4UFOZIFt6Rt03jIPf1bNpiZRNfRDmSadRvbcmKObYCn6tPR9r3QXXajyJAH9tcJc%2FUEAvksfEcnkg0xaTfTp0OB7fs1siHza%2Fr6oBILm8htL5p6XuvFBgarivFixUEWW5p%2B9290PmQLJsqOru"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 6be9f611f8614d89-FRA
expires: Thu, 16 Dec 2021 18:30:13 GMT

GET
H2 200 uspcmp.js Show response
qd.admetricspro.com/js/threatpost/ 148 KB
58 KB 20ms
18ms Script
application/javascript 2606:4700:3030::ac43:cf70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qd.admetricspro.com/js/threatpost/uspcmp.js
Requested by: Host: threatpost.com
URL: https://threatpost.com/category/videos/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:cf70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ae61ed61290f9bf2619f52667aafa622c805072c75765025f0b61a23862005f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 27
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sat, 08 Aug 2020 22:40:07 GMT
server: cloudflare
etag: W/"24e50-5ac65673cef1c-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bwcbk9WR%2BklWbZdhX4XAPqyZgw6EZl%2FUVvx%2F5R12c63HZ3QQ586dpukwHZNbtTPkLiO7rWlVGNNoW%2Bf7j%2BOGFdOQQeIrFI3Rudy2LPXkpo5lE82wG%2BleE%2BygKF0IZsAKfrjznT5uBcO7KeuonarmoKYq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 6be9f611f8634d89-FRA
expires: Thu, 16 Dec 2021 18:28:46 GMT

GET
H2 200 targeting.js Show response
qd.admetricspro.com/js/threatpost/ 393 B
553 B 19ms
18ms Script
application/javascript 2606:4700:3030::ac43:cf70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qd.admetricspro.com/js/threatpost/targeting.js
Requested by: Host: threatpost.com
URL: https://threatpost.com/category/videos/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:cf70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03cc687f0c8a2d1694e509b91fcd6c62c0fbdbdbdb850b8007b8052f649c7f77

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 27
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 21:50:12 GMT
server: cloudflare
etag: W/"189-5c8c2c96f96c7-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oOLPTLuFcg12JhenRUgFL2SSpARM3OaQDQQz7rYukn5dHJWFNmzlNeauLmNh3%2F79T8%2Fq2OHAMDacxvit%2Fj0mIda6%2BqegEc4eDmLEAPbLszc9hcCpoYXMdJylYHvOlhWqm1AuLY7G3z0zHkEpjLwLXU4n"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 6be9f611f8684d89-FRA
expires: Thu, 16 Dec 2021 18:32:10 GMT

GET
H2 200 prebid.js Show response
qd.admetricspro.com/js/threatpost/ 430 KB
124 KB 32ms
31ms Script
application/javascript 2606:4700:3030::ac43:cf70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Requested by: Host: threatpost.com
URL: https://threatpost.com/category/videos/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:cf70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8c03fd4dea0f2c83fa05b10dfd913bfcff51d05e0c6e84b7f340b857fdda517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 27
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 14 Oct 2021 15:35:01 GMT
server: cloudflare
etag: W/"6b738-5ce51d26ef74c-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1gqCiTQYHmIMpGylVrWU7R15SF8i3lAN4L7H2TAblJMiNHE4zQi18iRy79IlojX7EtCXVvb2ZqkedbrnEZfK%2FK0D28mD3a45j7ZOfgrjM%2Fl9M71P2yOV46dmoGTRYeRo%2FEcD8jBkuKVw3euZVM0Gr9gV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 6be9f611f86b4d89-FRA
expires: Thu, 16 Dec 2021 18:32:10 GMT

GET
H2 200 engine.js Show response
qd.admetricspro.com/js/threatpost/ 35 KB
11 KB 54ms
33ms Script
application/javascript 2606:4700:3030::ac43:cf70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qd.admetricspro.com/js/threatpost/engine.js
Requested by: Host: threatpost.com
URL: https://threatpost.com/category/videos/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:cf70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a355508d811ac666d1b61e566f7f1daf5d39b8915c036b271f14a4cfb9247ac3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:38 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 253
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 15 Oct 2021 02:14:43 GMT
server: cloudflare
etag: W/"8b7c-5ce5ac22db48b-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WfB%2FyPc4esT4qii61KNU4LuGlzTJBY4GcY3Lv%2FF4nB8a%2FPL0WXV%2BeI8XV1TRgd1rqqXgECFk%2FqUYwxzUE7s%2FoBXiNqBBpz%2BoxcGl6vpK%2BBgbBuzGLtjBCzMNL2GM050%2FD8%2BYyI%2F%2BgJtHFK5H3EwojdWQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 6be9f60cadf24d89-FRA
expires: Thu, 16 Dec 2021 18:22:58 GMT

GET
H2 200 /
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 294 KB
42 KB 396ms
377ms Stylesheet
text/css 2600:9000:2156:3800:2:9275:3d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=27cd3695

Requested by

Host: threatpost.com
URL: https://threatpost.com/category/videos/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:3800:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

62cbf085d014439b719c84c3d2f3222fde66e299c2da1b41dfc4dbb315db0456

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:38 GMT
content-encoding: gzip
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
content-length: 42696
x-cache-hit: HIT
last-modified: Wed, 15 Dec 2021 15:03:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=utf-8
via: 1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-debug-auth: off
x-request-host: assets.threatpost.com
x-amz-cf-id: STx-PECSte8CZn7c_pgW7ivR8z5O8mZloMNUZl3otQbwpK4pDiDJpQ==
expires: Fri, 17 Dec 2021 15:10:12 GMT

GET
H/1.1 200
OK jquery-1.12.4-wp.js Show response
threatpost.com/wp-content/plugins/kaspersky-enable-jquery-migrate-helper/js/jquery/ 95 KB
37 KB 853ms
211ms Script
application/x-javascript 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/plugins/kaspersky-enable-jquery-migrate-helper/js/jquery/jquery-1.12.4-wp.js?ver=1.12.4-wp
Requested by: Host: threatpost.com
URL: https://threatpost.com/category/videos/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 3bb2621a4c0c710f6e78404473aebff8e115a28f8d53f44339b867c63ad93b26

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/category/videos/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: public
Date: Thu, 16 Dec 2021 18:26:38 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Dec 2021 15:03:25 GMT
Server: nginx
ETag: W/"61ba03bd-17a56"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: max-age=604800, public
Connection: close
Expires: Thu, 23 Dec 2021 18:26:38 GMT

GET
H2 200 / Show response
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 20 KB
7 KB 303ms
284ms Script
application/x-javascript 2600:9000:2156:3800:2:9275:3d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/kaspersky-cookies-notification/scripts/alert_text.js,wp-content/plugins/kaspersky-cookies-notification/scripts/alert.js,wp-content/plugins/honeypot-comments/public/assets/js/public.js,wp-content/plugins/kspr_twitter_pullquote/js/kaspersky-twitter-pullquote.js,wp-content/themes/threatpost-2018/assets/js/loadmore.js,wp-content/plugins/kaspersky-social-sharing/assets/js/social-share.js&ver=27cd3695

Requested by

Host: threatpost.com
URL: https://threatpost.com/category/videos/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:3800:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

b813e47b551a74f55e504ad2e4a7fdb97ee55a9497486ffa61f4dfc34e6fd338

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:38 GMT
content-encoding: gzip
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
content-length: 6410
x-cache-hit: HIT
last-modified: Wed, 15 Dec 2021 15:03:25 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
via: 1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-debug-auth: off
x-request-host: assets.threatpost.com
x-amz-cf-id: 8Pji8H6SS62O4oCQ8NxCeJHYYAAd_nR7J82BOfstiBhQwesfvkqkyw==
expires: Fri, 17 Dec 2021 15:10:13 GMT

GET
H/1.1 200
OK scripts.js Show response
kasperskycontenthub.com/threatpost-global/wp-content/plugins/kaspersky-embeds/js/ 2 KB
1 KB 323ms
109ms Script
application/x-javascript 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kasperskycontenthub.com/threatpost-global/wp-content/plugins/kaspersky-embeds/js/scripts.js?ver=1.0
Requested by: Host: threatpost.com
URL: https://threatpost.com/category/videos/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1f863d13dbad7d5240f577a73b47b06227d218909259042da95301e2eb8be55

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: public
Date: Thu, 16 Dec 2021 18:26:38 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Dec 2021 15:03:26 GMT
Server: nginx
ETag: W/"61ba03be-828"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: max-age=604800, public
Connection: close
Expires: Thu, 23 Dec 2021 18:26:38 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 852 B
971 B 39ms
18ms Script
text/javascript 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=explicit&ver=202124050927

Requested by

Host: threatpost.com
URL: https://threatpost.com/category/videos/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c17dfcc26d6ed3cc1d800c120b100cc7bcbf03ea1a9c72d8aeadfe9b41d49b2a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 558
x-xss-protection: 1; mode=block
expires: Thu, 16 Dec 2021 18:26:38 GMT

GET
H2 200 / Show response
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 2 KB
1 KB 298ms
283ms Script
application/x-javascript 2600:9000:2156:3800:2:9275:3d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/gravityforms/js/jquery.json.min.js&ver=27cd3695

Requested by

Host: threatpost.com
URL: https://threatpost.com/category/videos/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:3800:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

172314ff74044b918766ed4763279b5e8798622087c0a2930f59c9d44662213d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:38 GMT
content-encoding: gzip
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
content-length: 926
x-cache-hit: HIT
last-modified: Wed, 15 Dec 2021 15:03:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
via: 1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-debug-auth: off
x-request-host: assets.threatpost.com
x-amz-cf-id: fHBWL_nuiWdm0LFoNMj2FxHXM_c8C3VY09Z5ndBwynivuhQr4rcXGQ==
expires: Fri, 17 Dec 2021 15:10:12 GMT

GET
H/1.1 200
OK gravityforms.min.js Show response
threatpost.com/wp-content/plugins/gravityforms/js/ 34 KB
12 KB 750ms
108ms Script
application/x-javascript 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.4.17.15
Requested by: Host: threatpost.com
URL: https://threatpost.com/category/videos/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 3097d0444becd9d089b52b7074072f19201525de874d0775012572fb375b7838

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/category/videos/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: public
Date: Thu, 16 Dec 2021 18:26:38 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Dec 2021 15:03:25 GMT
Server: nginx
ETag: W/"61ba03bd-88c2"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: max-age=604800, public
Connection: close
Expires: Thu, 23 Dec 2021 18:26:38 GMT

GET
H2 200 / Show response
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 7 KB
3 KB 298ms
284ms Script
application/x-javascript 2600:9000:2156:3800:2:9275:3d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/gravityforms/js/conditional_logic.min.js&ver=27cd3695

Requested by

Host: threatpost.com
URL: https://threatpost.com/category/videos/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:3800:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f75166e3f70100b65a6ce1d4128bc15286e92b19a546fa7709f739e9bcfe52c6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:38 GMT
content-encoding: gzip
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
content-length: 2685
x-cache-hit: HIT
last-modified: Wed, 15 Dec 2021 15:03:25 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
via: 1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-debug-auth: off
x-request-host: assets.threatpost.com
x-amz-cf-id: s_5c93dcmjtHVxDgVNcoIkFMd_Pwsj_85HBHce9ueAugeUvw11H6mQ==
expires: Fri, 17 Dec 2021 15:10:12 GMT

GET
H2 200 / Show response
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 5 KB
2 KB 300ms
285ms Script
application/x-javascript 2600:9000:2156:3800:2:9275:3d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/gravityforms/js/placeholders.jquery.min.js&ver=27cd3695

Requested by

Host: threatpost.com
URL: https://threatpost.com/category/videos/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:3800:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

d62a7b7ec5313469ebff5c006b9068dc44d6d1c122cf787ffa29a10113b34060

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:38 GMT
content-encoding: gzip
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
content-length: 1747
x-cache-hit: HIT
last-modified: Wed, 15 Dec 2021 15:03:25 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
via: 1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-debug-auth: off
x-request-host: assets.threatpost.com
x-amz-cf-id: 060LI-exaXRZl9_55oXIFW5msZ3U-3mRQtMShYK2yHr1YSiVzZkXUg==
expires: Fri, 17 Dec 2021 15:10:16 GMT

GET
H2 200 / Show response
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 117 KB
36 KB 385ms
371ms Script
application/x-javascript 2600:9000:2156:3800:2:9275:3d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/kaspersky-gravity-forms-dynamic-recaptcha/assets/js/main.js,wp-content/themes/threatpost-2018/assets/js/main.js,wp-includes/js/wp-embed.min.js&ver=27cd3695

Requested by

Host: threatpost.com
URL: https://threatpost.com/category/videos/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:3800:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

8e4d950b8337b1910aac41b57d623944d6ab80dadeb716a8f70497f4bdd2f955

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:38 GMT
content-encoding: gzip
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
content-length: 36518
x-cache-hit: HIT
last-modified: Wed, 15 Dec 2021 15:03:25 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
via: 1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-debug-auth: off
x-request-host: assets.threatpost.com
x-amz-cf-id: uoewpTjeXLxFLGhbSkZrAn0qYIW6ipE61TzWELbiymxnFNuHNZs5Kg==
expires: Fri, 17 Dec 2021 15:10:28 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
36 KB 30ms
10ms Script
application/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/engine.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: Server /
Resource Hash: de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: qkOcdGsoDUMvfWusL4m2BAijBZa3LkSN
content-encoding: gzip
etag: 1e39d25f07f5619925357b752ab10d04
age: 257
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 1Z8ASHQGXX6JJVGNCPRJ
date: Thu, 16 Dec 2021 18:23:42 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: WyhG2lI06U1RaKp3uwKU-3aiVrkbE5HY0mcKoz0RmqMVfG4VAIyRpQ==

GET
H2

200

connatix.player.dc.js Show response
cds.connatix.com/p/142882/ Frame 5BA8
Redirect Chain

https://cd.connatix.com/connatix.player.js
https://cds.connatix.com/p/142882/connatix.player.dc.js

1 MB
236 KB

9ms
8ms

Script
application/javascript

151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/142882/connatix.player.dc.js
Requested by: Host: threatpost.com
URL: https://threatpost.com/category/videos/
Protocol: H2
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7837e8e709d4bf08babcffa67d8ad320e49d53a381d35a9f7fe3f2874862cb61

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:38 GMT
content-encoding: br
last-modified: Thu, 16 Dec 2021 16:45:03 GMT
age: 4900
etag: "53a700841ba026a7f918053ac5a7d7c0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 240906

Redirect headers

location: https://cds.connatix.com/p/142882/connatix.player.dc.js
date: Thu, 16 Dec 2021 18:26:38 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
server: Kestrel
accept-ranges: bytes
content-length: 0

GET
H/1.1 200
OK / Show response
kasperskycontenthub.com/ 0
398 B 322ms
109ms Script
application/javascript 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://kasperskycontenthub.com/?dm=ed1f9e435dc885292eab65620c51f3fb&action=load&blogid=103&siteid=1&t=1300753837&back=https%3A%2F%2Fthreatpost.com%2Fcategory%2Fvideos%2F

Requested by

Host: threatpost.com
URL: https://threatpost.com/category/videos/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-173-160-135.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 18:26:39 GMT
X-Content-Type-Options: nosniff
Server: nginx
X-Frame-Options: SAMEORIGIN
Connection: close
Content-Type: application/javascript
x-cache-hit: HIT
Transfer-Encoding: chunked
X-Debug-Auth: off
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Request-Host: kasperskycontenthub.com
X-XSS-Protection: 1; mode=block

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 177 KB
59 KB 49ms
26ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF

Requested by

Host: threatpost.com
URL: https://threatpost.com/category/videos/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dc9ea7b89a3442a6912131c421c429c900b18706f13d3de29f01dc75b154cc00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:39 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60317
x-xss-protection: 0
last-modified: Thu, 16 Dec 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 Dec 2021 18:26:39 GMT

GET
H/1.1 200
OK icons.svg
threatpost.com/wp-content/themes/threatpost-2018//assets/sprite/ 13 KB
13 KB 318ms
106ms Other
image/svg+xml 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018//assets/sprite/icons.svg
Requested by: Host: threatpost.com
URL: https://threatpost.com/category/videos/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 97f5070aadd9475bb56a49a7bc1114e9fe1b992b55f2b227502f35f8bba71d74

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/category/videos/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 18:26:39 GMT
Last-Modified: Wed, 15 Dec 2021 15:03:26 GMT
Server: nginx
ETag: "61ba03be-328e"
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Content-Length: 12942

GET
H/1.1 200
OK icons.svg
threatpost.com/wp-content/themes/threatpost-2018/assets/sprite/ 13 KB
13 KB 319ms
107ms Other
image/svg+xml 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/sprite/icons.svg
Requested by: Host: threatpost.com
URL: https://threatpost.com/category/videos/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 97f5070aadd9475bb56a49a7bc1114e9fe1b992b55f2b227502f35f8bba71d74

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/category/videos/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 18:26:39 GMT
Last-Modified: Wed, 15 Dec 2021 15:03:26 GMT
Server: nginx
ETag: "61ba03be-328e"
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Content-Length: 12942

GET
H2 200 logo.png
assets.threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 19 KB
19 KB 368ms
367ms Image
image/png 2600:9000:2156:3800:2:9275:3d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.threatpost.com/wp-content/themes/threatpost-2018/assets/images/logo.png
Requested by: Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=27cd3695
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3800:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 39af7c1116fb967a330e8770f775e6b5ee871add01ed45c98a1634911cebfb0a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=27cd3695
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: public
date: Thu, 16 Dec 2021 18:26:39 GMT
via: 1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
last-modified: Wed, 15 Dec 2021 15:03:25 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
etag: "61ba03bd-4a32"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 18994
x-amz-cf-id: 7KBxVSMNtvvQpeRqQ_pVhKFfkYiUtHb2DuCz7QAGIvMvWB6EFKxtkw==
expires: Thu, 23 Dec 2021 18:26:39 GMT

GET
H2 200 mail-plane-light.svg
assets.threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 828 B
1 KB 276ms
276ms Image
image/svg+xml 2600:9000:2156:3800:2:9275:3d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.threatpost.com/wp-content/themes/threatpost-2018/assets/images/mail-plane-light.svg
Requested by: Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=27cd3695
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3800:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5a7ed822968963e31d88424c96387ad9f4fd4f4b5a5b581a33f65e3784d162cf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=27cd3695
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:39 GMT
via: 1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
last-modified: Wed, 15 Dec 2021 15:03:26 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
etag: "61ba03be-33c"
x-cache: Miss from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
accept-ranges: bytes
content-length: 828
x-amz-cf-id: x940PNxQc6CaozMqkyAPN2aCZGxbt818Ats-uO_HZAcxSkXGXAMU8Q==

GET
H2 200 twitter-blue.svg
assets.threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 868 B
1 KB 282ms
277ms Image
image/svg+xml 2600:9000:2156:3800:2:9275:3d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.threatpost.com/wp-content/themes/threatpost-2018/assets/images/twitter-blue.svg
Requested by: Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=27cd3695
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3800:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 420508fc523520f35de5c851905543294123d7676b5a5668744691f2abe9e730

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=27cd3695
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:39 GMT
via: 1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
last-modified: Wed, 15 Dec 2021 15:03:25 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
etag: "61ba03bd-364"
x-cache: Miss from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
accept-ranges: bytes
content-length: 868
x-amz-cf-id: uryFJbSDNfdzMgPyDOTlmi7oMynkf4W79HEpmUesiM1DMB7XRr4Oaw==

GET
H2 200 museosans-700-webfont.woff2
assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 20 KB
21 KB 410ms
383ms Font
font/woff2 2600:9000:2156:3800:2:9275:3d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-700-webfont.woff2
Requested by: Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=27cd3695
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3800:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ae00ae9c862bc8b8923efd1d9a18befa912678a869d4dd01179a59ed3de731be

Request headers

Referer: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=27cd3695
Origin: https://threatpost.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:39 GMT
via: 1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
last-modified: Wed, 15 Dec 2021 15:03:25 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
etag: "61ba03bd-51a4"
x-cache: Miss from cloudfront
content-type: font/woff2
access-control-allow-origin: *
accept-ranges: bytes
content-length: 20900
x-amz-cf-id: g7LzaBzC6sTfHRTprmCMU6UvD8aZd7EXURjZuY0zxjF3kixaAXQfYg==

GET
H2 200 museosans-100-webfont.woff2
assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 20 KB
21 KB 405ms
378ms Font
font/woff2 2600:9000:2156:3800:2:9275:3d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-100-webfont.woff2
Requested by: Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=27cd3695
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3800:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 06fc565587b8b700936a1677218cb269a6cc31ca5f701eb45461e86a3d54d5c7

Request headers

Referer: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=27cd3695
Origin: https://threatpost.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:39 GMT
via: 1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
last-modified: Wed, 15 Dec 2021 15:03:25 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
etag: "61ba03bd-50c8"
x-cache: Miss from cloudfront
content-type: font/woff2
access-control-allow-origin: *
accept-ranges: bytes
content-length: 20680
x-amz-cf-id: jdr3U6CO0dPBC-wSjfKUVmpPNU0kTpUHmpjoSwYQ_U_1q4L4HewCOA==

GET
H2 200 museosans-300-webfont.woff2
assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 20 KB
21 KB 398ms
373ms Font
font/woff2 2600:9000:2156:3800:2:9275:3d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-300-webfont.woff2
Requested by: Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=27cd3695
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3800:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 45ddc09b0ad6ab916bd9a0282070b161045e186fc025303f4aa1aa821fc45ac7

Request headers

Referer: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=27cd3695
Origin: https://threatpost.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:39 GMT
via: 1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
last-modified: Wed, 15 Dec 2021 15:03:26 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
etag: "61ba03be-51b8"
x-cache: Miss from cloudfront
content-type: font/woff2
access-control-allow-origin: *
accept-ranges: bytes
content-length: 20920
x-amz-cf-id: 2rpGB88b-JLZwA85ZXS0o2-vuJPOtFh-8nDoNEIwmdBECI8BZ14_nQ==

GET
H2 200 museosans-300italic-webfont.woff2
assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 23 KB
23 KB 395ms
371ms Font
font/woff2 2600:9000:2156:3800:2:9275:3d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-300italic-webfont.woff2
Requested by: Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=27cd3695
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3800:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: f8a2b5b62eb722c3379b30cf0cc58d3176ee6be48036d6ad2aa838d2029c4189

Request headers

Referer: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=27cd3695
Origin: https://threatpost.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:39 GMT
via: 1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
last-modified: Wed, 15 Dec 2021 15:03:26 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
etag: "61ba03be-5bac"
x-cache: Miss from cloudfront
content-type: font/woff2
access-control-allow-origin: *
accept-ranges: bytes
content-length: 23468
x-amz-cf-id: udf2Eoj0g2nygd-etMtbpuj8fZtr1a3RUL5jeBP7T_WoRV7pqm2DsA==

GET
H2 200 museosans-500-webfont.woff2
assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 20 KB
21 KB 405ms
381ms Font
font/woff2 2600:9000:2156:3800:2:9275:3d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-500-webfont.woff2
Requested by: Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=27cd3695
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3800:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 2de77164bb9924542e1dea4ee4a0ff27d40b51a3d7939dac7db11a95045c9b7d

Request headers

Referer: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=27cd3695
Origin: https://threatpost.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:39 GMT
via: 1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
last-modified: Wed, 15 Dec 2021 15:03:26 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
etag: "61ba03be-5194"
x-cache: Miss from cloudfront
content-type: font/woff2
access-control-allow-origin: *
accept-ranges: bytes
content-length: 20884
x-amz-cf-id: VhA_qpR4CPsUR-dxY0baMHeqJQjAh1qd5Sj_TE6UPnh8VoT18Apwgw==

GET
H2 200 museosans-700italic-webfont.woff2
assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 15 KB
16 KB 399ms
375ms Font
font/woff2 2600:9000:2156:3800:2:9275:3d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-700italic-webfont.woff2
Requested by: Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=27cd3695
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3800:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 859faa9b9ed0990288b2f393a102b1fe2668ac79088b113b6f0beaee521221eb

Request headers

Referer: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=27cd3695
Origin: https://threatpost.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:39 GMT
via: 1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
last-modified: Wed, 15 Dec 2021 15:03:25 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
etag: "61ba03bd-3dcc"
x-cache: Miss from cloudfront
content-type: font/woff2
access-control-allow-origin: *
accept-ranges: bytes
content-length: 15820
x-amz-cf-id: NE4yXQkxhxwMvWLiJ-uYHHU1h8mkjLQ7T4PVCx0JrZ08YU3K_fXDGw==

GET
H2 200 player.css
cds.connatix.com/p/142882/ 54 KB
8 KB 7ms
7ms Stylesheet
text/css 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/142882/player.css
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ed6cc3e4d411248d84eed9acc1d13ad3fd98396734464cf07173588aeb9d02aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:39 GMT
content-encoding: br
last-modified: Thu, 16 Dec 2021 16:45:04 GMT
age: 4901
etag: "2e0a3bf94576cf171c12f9ef0e6f5c54"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 8439

GET
H2 200 mail-plane-large-dark.svg
assets.threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 812 B
1 KB 275ms
275ms Image
image/svg+xml 2600:9000:2156:3800:2:9275:3d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.threatpost.com/wp-content/themes/threatpost-2018/assets/images/mail-plane-large-dark.svg
Requested by: Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=27cd3695
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3800:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: a9d2b2df99c1a115d5394c70a898d8801092208dc582f8bd6fb01b35c30d6b22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=27cd3695
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:39 GMT
via: 1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
last-modified: Wed, 15 Dec 2021 15:03:26 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
etag: "61ba03be-32c"
x-cache: Miss from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
accept-ranges: bytes
content-length: 812
x-amz-cf-id: SplvnUiKkz4LfTDPyxTrjDHvJCQjQpbyYGOxRoQaRdPtaKfa46Cvpw==

GET
H2 200 logo-white.png
assets.threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 10 KB
10 KB 375ms
375ms Image
image/png 2600:9000:2156:3800:2:9275:3d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.threatpost.com/wp-content/themes/threatpost-2018/assets/images/logo-white.png
Requested by: Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=27cd3695
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3800:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e4058d4ee9da1ceaddfa91ddb63650ba67285f1bbfee487d9dfe648bced669a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=27cd3695
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: public
date: Thu, 16 Dec 2021 18:26:39 GMT
via: 1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
last-modified: Wed, 15 Dec 2021 15:03:26 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
etag: "61ba03be-260a"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 9738
x-amz-cf-id: CrCIklckVkxgN3P09FNw2RntB2BxlGW1AAXWFJ6OJqSydKrt_7jyqw==
expires: Thu, 23 Dec 2021 18:26:39 GMT

GET
H2 200 oilrig-540x270.jpeg
media.threatpost.com/wp-content/uploads/sites/103/2020/07/22170321/ 21 KB
21 KB 39ms
16ms Image
image/jpeg 2600:9000:2156:9400:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2020/07/22170321/oilrig-540x270.jpeg
Requested by: Host: threatpost.com
URL: https://threatpost.com/category/videos/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9400:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9dfda727195f3ef7756927a566238d0485f679c287a4afad15ddfb9a3c70db53

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 17:17:18 GMT
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront), 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
last-modified: Wed, 22 Jul 2020 21:03:58 GMT
server: AmazonS3
age: 5015362
etag: "1dca2eb9cf5a8fefdec635dbc08429d7"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1, FRA50-C1
accept-ranges: bytes
content-length: 21072
x-amz-cf-id: S2dNXQOpSKDKVEfMeEM2ji7fH03swvoOrMCwFt0pVeZxuq0gUBhviQ==
expires: Thu, 22 Jul 2021 21:03:54 GMT

GET
H2 200 iot-540x270.jpg
media.threatpost.com/wp-content/uploads/sites/103/2020/11/19110609/ 26 KB
27 KB 39ms
17ms Image
image/jpeg 2600:9000:2156:9400:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2020/11/19110609/iot-540x270.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/category/videos/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9400:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 382387138011c05bdf81e36461afcf81c934f661c2a37c2fca0f1cdc37c099a5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 17 Oct 2021 05:43:20 GMT
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront), 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
last-modified: Thu, 19 Nov 2020 16:06:13 GMT
server: AmazonS3
age: 5229799
etag: "6e634910c7ad3f94a28c5574b3fa48c3"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1, FRA50-C1
accept-ranges: bytes
content-length: 26788
x-amz-cf-id: Ow3HroIuuqBWbUUglNXBjtqUczfHUbzCOJevtrUQm4VzF4gHnw8ttQ==
expires: Fri, 19 Nov 2021 16:06:11 GMT

GET
H2 200 cybercrime-partnerships-540x270.jpg
media.threatpost.com/wp-content/uploads/sites/103/2021/02/25134709/ 22 KB
22 KB 38ms
16ms Image
image/jpeg 2600:9000:2156:9400:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2021/02/25134709/cybercrime-partnerships-540x270.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/category/videos/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9400:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b47bf3b41f7dc0e331f0c9b93e7c6d7886e9463de0b15a42bbb8cdcbcd8835d1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 17 Oct 2021 05:43:20 GMT
via: 1.1 baaf38f0a0d54e4834bf934fa5189ceb.cloudfront.net (CloudFront), 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
last-modified: Thu, 25 Feb 2021 18:47:14 GMT
server: AmazonS3
age: 5229799
etag: "df799a8c140649b69d5d0efda3bdfc7e"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1, FRA50-C1
accept-ranges: bytes
content-length: 22406
x-amz-cf-id: 1wRx6jaoFKZk1Sl2Cbe6NPOuTfEzzueqEedyRXjTToB5JBnyZ5_SWQ==
expires: Fri, 25 Feb 2022 18:47:12 GMT

GET
H2 200 Business-Email-Compromise-540x270.jpg
media.threatpost.com/wp-content/uploads/sites/103/2021/02/11095955/ 28 KB
29 KB 38ms
16ms Image
image/jpeg 2600:9000:2156:9400:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2021/02/11095955/Business-Email-Compromise-540x270.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/category/videos/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9400:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c144dfdf12c4fb5520be9acbf56669fa59cac648cac1d659821d8e0c4ec11a20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 17 Oct 2021 05:43:21 GMT
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront), 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
last-modified: Thu, 11 Feb 2021 14:59:59 GMT
server: AmazonS3
age: 5229799
etag: "190ea7721434c9b48b8b150f677af574"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1, FRA50-C1
accept-ranges: bytes
content-length: 28830
x-amz-cf-id: NpCYQk0a7fgQtdUY5yYFJ9y88QMIu8Hoing7H9cGibQpronGP06ihg==
expires: Fri, 11 Feb 2022 14:59:58 GMT

GET
H2 200 apple-mac-security-540x270.jpg
media.threatpost.com/wp-content/uploads/sites/103/2020/10/06094956/ 9 KB
9 KB 38ms
16ms Image
image/jpeg 2600:9000:2156:9400:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2020/10/06094956/apple-mac-security-540x270.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/category/videos/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9400:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 21d29461dee4b4082d1b9d045cefc3a7e4080d7a4f8b25c96d789afae73b13bd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 19:37:06 GMT
via: 1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront), 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
last-modified: Tue, 06 Oct 2020 13:50:00 GMT
server: AmazonS3
age: 5266174
etag: "d808361f94d284124ee4830675ac30d3"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1, FRA50-C1
accept-ranges: bytes
content-length: 9133
x-amz-cf-id: AXt2L0f112atMQEbgMsteyUSfDU7J9_aLQU0C7th5UXqqla2gXO9FQ==
expires: Wed, 06 Oct 2021 13:49:59 GMT

GET
H2 200 covid19-healthcare-540x270.jpg
media.threatpost.com/wp-content/uploads/sites/103/2020/12/02155123/ 23 KB
23 KB 38ms
16ms Image
image/jpeg 2600:9000:2156:9400:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2020/12/02155123/covid19-healthcare-540x270.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/category/videos/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9400:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7694f2ba6cd5fa09052e478696bbe42396ba2d25f81490bd127798afec9ff7da

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 09:20:48 GMT
via: 1.1 e6d97713eb9b65f883e0f86b833878dd.cloudfront.net (CloudFront), 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
last-modified: Wed, 02 Dec 2020 20:51:27 GMT
server: AmazonS3
age: 5389552
etag: "1a7d6bdb4619f3e0f2af0f4a59fada72"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1, FRA50-C1
accept-ranges: bytes
content-length: 23414
x-amz-cf-id: zB0DLPrFd0h8pQll2ZnRoQdi8bG0fkosCwr0PMJSlX4iB2gEtT5CTw==
expires: Thu, 02 Dec 2021 20:51:26 GMT

GET
H2 200 Bug-Bounty-Code_small-540x270.jpg
media.threatpost.com/wp-content/uploads/sites/103/2020/09/25150114/ 51 KB
51 KB 33ms
28ms Image
image/jpeg 2600:9000:2156:9400:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2020/09/25150114/Bug-Bounty-Code_small-540x270.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/category/videos/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9400:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c394ae4c2841ba7dcabdfe8adfbd3723e34425e2983bb9ce198af2ab382f1a6b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 17 Oct 2021 17:34:09 GMT
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront), 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
last-modified: Fri, 25 Sep 2020 19:01:18 GMT
server: AmazonS3
age: 5187151
etag: "a1f86f3e8246a429bf737f3786313a7f"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1, FRA50-C1
accept-ranges: bytes
content-length: 51961
x-amz-cf-id: ACx5pVPKOmgiuGMHw8KRF81krmLEmeFZOjOA0cQDp-1VfMR1pezEXg==
expires: Sat, 25 Sep 2021 19:01:17 GMT

GET
H2 200 Magento_Ecomerce-540x270.jpg
media.threatpost.com/wp-content/uploads/sites/103/2018/10/24152937/ 18 KB
18 KB 19ms
18ms Image
image/jpeg 2600:9000:2156:9400:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2018/10/24152937/Magento_Ecomerce-540x270.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/category/videos/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9400:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d7e1a1e5c5ca043b1bde1bdaebcb8cff11727d16f428d52d976be5f496f18882

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 17 Oct 2021 17:34:09 GMT
via: 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront), 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
last-modified: Wed, 24 Oct 2018 19:29:39 GMT
server: AmazonS3
age: 5187151
etag: "f090e826cb029e77b9612b91d0b9fe15"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1, FRA50-C1
accept-ranges: bytes
content-length: 18154
x-amz-cf-id: nKaBbn0kf1xJGg-7MFTrIJs6dpIzKBi0Fx1bH4L4ZxQcPwIy9vOWtg==
expires: Thu, 24 Oct 2019 19:29:37 GMT

GET
H2 200 voting-540x270.jpeg
media.threatpost.com/wp-content/uploads/sites/103/2020/08/20152536/ 20 KB
20 KB 18ms
17ms Image
image/jpeg 2600:9000:2156:9400:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2020/08/20152536/voting-540x270.jpeg
Requested by: Host: threatpost.com
URL: https://threatpost.com/category/videos/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9400:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 66e069239bcb31dfe981b4c7ff9181f626513d638bf79cec2e43df62bafd4d12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 17 Oct 2021 03:24:09 GMT
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront), 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
last-modified: Thu, 20 Aug 2020 19:26:03 GMT
server: AmazonS3
age: 5238151
etag: "db34b329055c6feea937dd80599a7b28"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1, FRA50-C1
accept-ranges: bytes
content-length: 20204
x-amz-cf-id: F5bSLGVKyLcit1SuQJMyv0PO1_w4rxcS0W1XlZvYXwvcEmuRZreLTg==
expires: Fri, 20 Aug 2021 19:26:00 GMT

GET
H2 200 emotet-returns-540x270.jpg
media.threatpost.com/wp-content/uploads/sites/103/2020/08/04144247/ 29 KB
29 KB 193ms
192ms Image
image/jpeg 2600:9000:2156:9400:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2020/08/04144247/emotet-returns-540x270.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/category/videos/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9400:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fbd97a2d470259e0d42fe6244edf94444a4a2fdbf0ee308633803413c1df9926

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:40 GMT
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68d.cloudfront.net (CloudFront), 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 18:42:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2, FRA50-C1
etag: "3bf0bfcca8a356f913f76de95c2d73cb"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 29297
x-amz-cf-id: Wh_2B8KBmarajlsixgHqKO21YxEYbb5oZEkRqlbKxXieW3RFZPQ4sQ==
expires: Wed, 04 Aug 2021 18:42:50 GMT

GET
H2 200 suppy_chain-64x64.png
media.threatpost.com/wp-content/uploads/sites/103/2020/12/30075224/ 10 KB
10 KB 17ms
12ms Image
image/png 2600:9000:2156:9400:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2020/12/30075224/suppy_chain-64x64.png
Requested by: Host: threatpost.com
URL: https://threatpost.com/category/videos/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9400:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2d4f43acaf2e0749680eb279e3e56115b205efe8ca0e2461e3453b65f6c1dc99

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 00:29:17 GMT
via: 1.1 6faa38f38a1fee24a829fec7c748876d.cloudfront.net (CloudFront), 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
last-modified: Wed, 30 Dec 2020 12:52:29 GMT
server: AmazonS3
age: 151043
etag: "7ef9270e087aae4f25c099c47c81ffaf"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P2, FRA50-C1
accept-ranges: bytes
content-length: 9870
x-amz-cf-id: IF_k6DpLuTLt2Eypladj3haBzWS4URthHabPA06GaRybAnHzpq7ClQ==
expires: Thu, 30 Dec 2021 12:52:28 GMT

GET
H2 200 office-365-64x64.jpg
media.threatpost.com/wp-content/uploads/sites/103/2020/09/11154917/ 2 KB
2 KB 21ms
17ms Image
image/jpeg 2600:9000:2156:9400:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2020/09/11154917/office-365-64x64.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/category/videos/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9400:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e950f047b72b2e9a986a7d140b74d09a651472a991e200ecd268a13a95d1a405

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 19:29:30 GMT
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront), 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
last-modified: Fri, 11 Sep 2020 19:49:21 GMT
server: AmazonS3
age: 514630
etag: "cc77de8072fab467a72e3869474ed7ec"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1, FRA50-C1
accept-ranges: bytes
content-length: 1911
x-amz-cf-id: 6PU2FylADwKE7RvhmZnzwLuXjRAzZlZq-367as-ArJrzT5Ejo6Bc_w==
expires: Sat, 11 Sep 2021 19:49:20 GMT

GET
H2 200 Hacker-e1638987782327-64x64.jpg
media.threatpost.com/wp-content/uploads/sites/103/2019/01/23110846/ 2 KB
2 KB 16ms
11ms Image
image/jpeg 2600:9000:2156:9400:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2019/01/23110846/Hacker-e1638987782327-64x64.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/category/videos/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9400:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1c947edb74e618a58ee1ab7a05ef9a041b7c80a2282e6b4f1d8f5d36b7eef864

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 19:28:59 GMT
via: 1.1 baaf38f0a0d54e4834bf934fa5189ceb.cloudfront.net (CloudFront), 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
last-modified: Wed, 08 Dec 2021 18:23:05 GMT
server: AmazonS3
age: 687461
etag: "e1d90ac3fa11bdeae13ee75f6b2fb6e1"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1, FRA50-C1
accept-ranges: bytes
content-length: 1770
x-amz-cf-id: _XqFfZTkm9UzztS5navv-zOTD3ta1y1-hyySkhdluA4sfmT-23eIaQ==
expires: Thu, 08 Dec 2022 18:23:02 GMT

GET
H2 200 Bad-business-practice-64x64.jpg
media.threatpost.com/wp-content/uploads/sites/103/2021/12/06162635/ 2 KB
2 KB 17ms
12ms Image
image/jpeg 2600:9000:2156:9400:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2021/12/06162635/Bad-business-practice-64x64.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/category/videos/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9400:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4830f3c6221ce4802e5d35e2222aa8107e2b8c5a55bc1fcbec3a5b5e85487283

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 21:48:32 GMT
via: 1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront), 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
last-modified: Mon, 06 Dec 2021 21:26:39 GMT
server: AmazonS3
age: 851888
etag: "b161c0973988d276766886d8973fa21c"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1, FRA50-C1
accept-ranges: bytes
content-length: 2110
x-amz-cf-id: aZZpVLyToEOj9PxufYfq6yPUgxd45kfyZY4erIrXW43k4bAj-9gEWA==
expires: Tue, 06 Dec 2022 21:26:38 GMT

GET
H2 200 noleggio-auto-1024x682-1-64x64.jpg
media.threatpost.com/wp-content/uploads/sites/103/2021/12/03120815/ 2 KB
2 KB 21ms
16ms Image
image/jpeg 2600:9000:2156:9400:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2021/12/03120815/noleggio-auto-1024x682-1-64x64.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/category/videos/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9400:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 117f1d5fc9766ce2f27441e82eefb08b6bd89d0e4905a56cea52732270ec25ee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 20:09:36 GMT
via: 1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront), 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
last-modified: Fri, 03 Dec 2021 17:08:20 GMT
server: AmazonS3
age: 1117024
etag: "32d65616e53df09b88bde2532697a9b8"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1, FRA50-C1
accept-ranges: bytes
content-length: 1915
x-amz-cf-id: GaiWaSUNf1d8m9EFSnQhC8bDdqXzaGRiicgMD2Wp1XwvkmP1VmTeNg==
expires: Sat, 03 Dec 2022 17:08:19 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/ 348 KB
137 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit&ver=202124050927

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

295409307a58f3d19608932eac3c022cff1cacc8671dd26b5614a28f7e25e0b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
Origin: https://threatpost.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:00:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1543
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139097
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 05:04:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Fri, 16 Dec 2022 18:00:56 GMT

POST
H/1.1 200
OK pls Show response
capi.connatix.com/core/ Frame 5BA8 11 KB
5 KB 427ms
124ms XHR
application/x-protobuf 18.224.222.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/pls?v=142882
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.224.222.89 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-224-222-89.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: fae9bd680f8151d137ce5e01cba4db77064e7b5f9584533e8e47dd849e475fc9

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Thu, 16 Dec 2021 18:26:38 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://threatpost.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 4966

GET
H2 200 pubads_impl_2021120601.js Show response
securepubads.g.doubleclick.net/gpt/ 348 KB
117 KB 43ms
20ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119476
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 09:34:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Dec 2021 18:26:39 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 115 B
727 B 38ms
16ms XHR
application/json 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=threatpost.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

bb66dbe2867f4bd08186615c104fefef105858870dd23550d3fd33100115f4e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Dec 2021 18:26:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91
x-xss-protection: 0
expires: Thu, 16 Dec 2021 18:26:39 GMT

GET
H2 200 b-7b120a5-9b871d4e.js Show response
tagan.adlightning.com/math-aids-threatpost/ 73 KB
28 KB 8ms
8ms Script
application/javascript 143.204.98.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-122.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4658e1122a2190db712f6731d3e8c14b027f0a42bd7c1333b11d272f8e9ea3fd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 17:51:16 GMT
content-encoding: gzip
age: 10542924
x-cache: Hit from cloudfront
content-length: 28179
x-amz-meta-git_commit: 7b120a5
last-modified: Mon, 16 Aug 2021 17:49:31 GMT
server: AmazonS3
etag: "c42a7ac1ac405f3f0cad04305cad5553"
x-amz-version-id: HCJNSpgvHPkSF2.YDap.Qx6PnxOllH79
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: S30UMye-AtL7uWpxT7t5u3jzKixFCf9kIDTTxHCFz4VwnJ_sosCwgQ==

GET
H2 200 bl-0af0356-c84a0080.js Show response
tagan.adlightning.com/math-aids-threatpost/ 49 KB
21 KB 8ms
8ms Script
application/javascript 143.204.98.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/math-aids-threatpost/bl-0af0356-c84a0080.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-122.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4550853c9c2efdab413d125621a72beac549ab22a67054795d66c7791b258971

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 14:51:28 GMT
content-encoding: gzip
age: 12912
x-cache: Hit from cloudfront
content-length: 20664
x-amz-meta-git_commit: 0af0356
last-modified: Thu, 16 Dec 2021 14:45:08 GMT
server: AmazonS3
etag: "6232504f3cf4940e0d2b3aa9e2d6c84e"
x-amz-version-id: R63xCHahTTTKZcFnIoPqbza15LNanK8D
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: _Xu5ZArwEC_l5fUE3u46hNjf2K_KJfbosZsHEbagRfkZyYYzqooV6w==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 662 B
1018 B 11ms
11ms XHR
application/json 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fthreatpost.com&pubid=cb8cfc89-e83e-44aa-a3a2-ff78eda781ef
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: Server /
Resource Hash: 6493fe707262fb8d9bc0e4d487e319fc9ebe7de26ebe7e3b4f58a5d17f03a9ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 13:16:23 GMT
via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
server: Server
age: 18616
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://threatpost.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-length: 662
x-amz-cf-id: kf0zxCUTOgr-eOUL9C-kqsFfgp4Mq6hK3Ps9B6Ciu3pMZDS_2LBYjQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 31ms
11ms XHR
application/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: gYbY2ORQY5Qmsyt0ob0SiGH6tjIhuo4B
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 36924
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 09 Nov 2021 22:55:20 GMT
server: AmazonS3
date: Thu, 16 Dec 2021 08:11:16 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: l1SCRHvF6gqvOMqBLOT5_apg5SSLr-YB4r5P_AJH7f8KCd9s-LhHMA==

GET
H3 200 vendor-list.json Show response
qd.admetricspro.com/js/cmp2/ 256 KB
38 KB 178ms
165ms XHR
application/json 2606:4700:3030::ac43:cf70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qd.admetricspro.com/js/cmp2/vendor-list.json
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/cmp.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:cf70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1aeb3ee07f4b462935c5d8047ff038c8e279d75f9be1dcd0b848ba68223a3ee2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:39 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 31 May 2021 16:54:38 GMT
server: cloudflare
etag: W/"3ffae-5c3a314b5dcb2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RDvuyakSN9CS0HwpgHVo%2FiE%2BnPA7pECVXJF8jtglPmkN%2FfoTgLRnPNxdNrqSlVcGDZtbZ9ULNvDsFFY5JihbxmCOsVly8TtGWC3UjjPIu%2BB2Gh0q5vD1XhIeeUEs6j%2BC%2FZvc0FBhlbgobUXIsBWjn9Q%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=600
cf-ray: 6be9f613ef5c6907-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 16 Dec 2021 18:36:39 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5133
date: Thu, 16 Dec 2021 17:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 16 Dec 2021 19:01:06 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 31ms
9ms Script
application/javascript 2620:116:800d:21:3175:5196:e3fd:8c1d
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:3175:5196:e3fd:8c1d , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:39 GMT
content-encoding: gzip
etag: "FMCWFRCBdbNj8Eh2c0G78Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Thu, 23 Dec 2021 18:26:39 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 14 KB
6 KB 25ms
7ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:39 GMT
content-encoding: gzip
last-modified: Mon, 20 Sep 2021 23:58:10 GMT
etag: "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 5410
x-served-by: cache-iad-kjyo7100152-IAD, cache-hhn11551-HHN

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 53 KB
17 KB 25ms
10ms Script
application/javascript 104.111.219.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-144.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:39 GMT
content-encoding: gzip
last-modified: Tue, 01 Jun 2021 17:06:57 GMT
server: Apache
etag: "d398-5c3b75e9ebb41-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17087
expires: Thu, 16 Dec 2021 18:41:39 GMT

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 35 KB
10 KB 33ms
12ms Script
text/javascript 46.105.202.126
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.105.202.126 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

eb6883bc39782219d9eb3868c4e21acbdf949cc1a13bd35fb86bcb447488a977

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
date: Thu, 16 Dec 2021 17:32:40 GMT
content-type: text/javascript;charset=utf-8
cache-control: max-age=3600
x-cdn-pop: sbg
content-disposition: attachment;filename="id5-api.js"
accept-ranges: bytes
content-length: 10053
x-request-id: 692617853

GET
H2 200 blockedDomains_3.bin Show response
lit.connatix.com/08d79ac9-d151-59b7-8ffc-1666f862d246/ Frame 5BA8 81 B
321 B 41ms
8ms XHR
application/octet-stream 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://lit.connatix.com/08d79ac9-d151-59b7-8ffc-1666f862d246/blockedDomains_3.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: be3ba2f86654b73dda7d39ed448c90628092498372215fffe2281e0b587a62dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:39 GMT
content-encoding: gzip
last-modified: Wed, 29 Sep 2021 13:27:38 GMT
age: 5489117
etag: "6a19519ac776603343ae0285e9d02606"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 85

POST
H/1.1 200
OK sr Show response
capi.connatix.com/tr/ Frame 5BA8 0
315 B 103ms
103ms XHR
application/x-protobuf 18.224.222.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/sr?v=142882
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.224.222.89 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-224-222-89.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Thu, 16 Dec 2021 18:26:39 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://threatpost.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 78 KB
26 KB 51ms
27ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1072 / 342 of 1000 / last-modified: 1639397097"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26912
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Dec 2021 18:26:39 GMT

GET
H2 200 4_media.bin Show response
vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/884ac5a1-17c4-4997-a33a-64fa5faad34b/ Frame 5BA8 477 B
387 B 7ms
7ms XHR
application/octet-stream 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/884ac5a1-17c4-4997-a33a-64fa5faad34b/4_media.bin?playerId=c2ecd04f-0dca-4ffa-8761-d93b34717380
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5c0894a3d16241654e309223b7337dffbd3c24e80f7a6af29dd7b09e3b5fc0d1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:39 GMT
content-encoding: gzip
last-modified: Tue, 14 Dec 2021 10:47:24 GMT
age: 98640
etag: "a1288946fe59c500be3caec02ab22fad"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 297

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 5BA8 375 KB
124 KB 47ms
24ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92492a41ed7dbc02f64b8f399adef0bc87063f9011ea0dcf397d19a8d484bfa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126523
x-xss-protection: 0
expires: Thu, 16 Dec 2021 18:26:39 GMT

GET
H2 200 1.png
img.connatix.com/c2ecd04f-0dca-4ffa-8761-d93b34717380/ 6 KB
7 KB 7ms
6ms Image
image/png 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/c2ecd04f-0dca-4ffa-8761-d93b34717380/1.png
Requested by: Host: threatpost.com
URL: https://threatpost.com/category/videos/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 739ab1cbd5fc795c806cfbc012e937834a1d566f02ed72ff02af2700c0629eb4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:39 GMT
content-encoding: br
age: 2464654
etag: "CDlq0wWU2N6Hha9Y1OkqKS7K/JyWAUvXYL5GlZ2se8g"
access-control-max-age: 86400
fastly-io-info: ifsz=8114 idim=288x42 ifmt=png ofsz=6487 odim=288x42 ofmt=png
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/png
content-length: 6487

GET
H2 200 rules-p-_7kVx0t9Jqj90.js Show response
rules.quantcount.com/ 2 B
354 B 38ms
19ms Script
application/javascript 2600:9000:2156:1400:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-_7kVx0t9Jqj90.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 17:51:40 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
server: AmazonS3
age: 2098
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
content-length: 2
x-amz-cf-id: EnzfQ2jHonXv-fPNsg64dJU3MEg65xqwBTiOyo-AHlzWmcNRKExosQ==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 31ms
17ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1369698175&t=pageview&_s=1&dl=https%3A%2F%2Fthreatpost.com%2Fcategory%2Fvideos%2F&ul=en-us&de=UTF-8&dt=Category%3A%20Videos%20%7C%20Threatpost&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1985454569&gjid=151569502&cid=1292139180.1639679199&tid=UA-35676203-21&_gid=1555522908.1639679199&_r=1&gtm=2wgc10PM29HLF&tc=s&z=1196712196

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://threatpost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
9ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1369698175&t=event&ni=0&_s=1&dl=https%3A%2F%2Fthreatpost.com%2Fcategory%2Fvideos%2F&ul=en-us&de=UTF-8&dt=Category%3A%20Videos%20%7C%20Threatpost&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=VISIBILITY&ea=elementVisibility%20%2F%20%5BHeader%5D%20%2F%20Social%20Networks%20View&_u=YEDAAEABAAAAAC~&jid=&gjid=&cid=1292139180.1639679199&tid=UA-35676203-21&_gid=1555522908.1639679199&gtm=2wgc10PM29HLF&tc=s&z=1982840130

Requested by

Host: threatpost.com
URL: https://threatpost.com/category/videos/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 11:06:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 26426
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
674 B 140ms
120ms Script
application/javascript 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=ntt0j&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=cf9a93d9-32ae-4501-82fc-cb178a10be4c&tw_document_href=https%3A%2F%2Fthreatpost.com%2Fcategory%2Fvideos%2F&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 112
pragma: no-cache
last-modified: Thu, 16 Dec 2021 18:26:39 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 4cb4012536c5cdafc148209501091cfb5a470cdb1dd1d7157945d7a176f6fda4
x-transaction: e5390213fe0fdf32
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
471 B 140ms
120ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=ntt0j&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=cf9a93d9-32ae-4501-82fc-cb178a10be4c&tw_document_href=https%3A%2F%2Fthreatpost.com%2Fcategory%2Fvideos%2F

Requested by

Host: threatpost.com
URL: https://threatpost.com/category/videos/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 113
pragma: no-cache
last-modified: Thu, 16 Dec 2021 18:26:39 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: f096b587d4ce89735be267f21900f2cc977ce31e7be704b0cbe9d70f337db157
x-transaction: 237d9b47d57f1725
expires: Tue, 31 Mar 1981 05:00:00 GMT

POST
H/1.1 200 724.json Show response
id5-sync.com/g/v2/ 213 B
532 B 40ms
10ms XHR
application/json 51.195.5.232
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/724.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.195.5.232 , France, ASN16276 (OVH, FR),

Reverse DNS

p15.id5-sync.com

Software

Resource Hash

970f69745617bc0445d87d843fc2b31dffa7e103bb39ac4ef865016c331069ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://threatpost.com
Date: Thu, 16 Dec 2021 18:26:28 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
441 B 49ms
16ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-35676203-21&cid=1292139180.1639679199&jid=1985454569&gjid=151569502&_gid=1555522908.1639679199&_u=YEBAAEAAAAAAAC~&z=103230451

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 16 Dec 2021 18:26:39 GMT
content-type: text/plain
access-control-allow-origin: https://threatpost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK g Show response
capi.connatix.com/rtb/ Frame 5BA8 688 B
749 B 565ms
261ms XHR
application/x-protobuf 18.224.222.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/rtb/g?v=142882
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.224.222.89 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-224-222-89.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: 004b555e1d3840bda72d3a682ff5eb820bdd8b59dcc601fa8e229c7546684476

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Thu, 16 Dec 2021 18:26:39 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://threatpost.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 453

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 64 B
531 B 48ms
47ms XHR
text/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fthreatpost.com%2Fcategory%2Fvideos%2F&pid=v4qIcmPpZgTFn&cb=0&ws=1600x1200&v=7.71.1&t=2000&slots=%5B%7B%22id%22%3A%22Amazon_400x225%22%2C%22mt%22%3A%22v%22%7D%5D&pubid=cb8cfc89-e83e-44aa-a3a2-ff78eda781ef&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.95.188 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-95-188.fra50.r.cloudfront.net

Software

Server /

Resource Hash

d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:39 GMT
via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
x-amz-rid: 8933VHA8M2BFSMR2S69D
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://threatpost.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 64
x-amz-cf-id: JHEqU51T0fSD5PMFN7-dRDKoNSggGJtDIyIcLL7YVqmV-ozw0gZExw==

GET
H2 200 1_th.jpg
img.connatix.com/60764267-557e-410f-85cb-f102d92ee134/884ac5a1-17c4-4997-a33a-64fa5faad34b/ 2 KB
631 B 8ms
8ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/60764267-557e-410f-85cb-f102d92ee134/884ac5a1-17c4-4997-a33a-64fa5faad34b/1_th.jpg?crop=400:225,smart&width=400&height=225&format=jpeg&quality=60&fit=crop
Requested by: Host: threatpost.com
URL: https://threatpost.com/category/videos/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8578ba646e27432ebb8a0d60a2abe221cf2a160050e56f8f714a6122cf9b93cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:39 GMT
content-encoding: br
age: 109461
etag: "/EpRHL3OXdpA3TFH0daYwDboJcsM0xa5SzuzgB16/YI"
access-control-max-age: 86400
fastly-io-info: ifsz=21905 idim=2560x1440 ifmt=jpeg ofsz=1635 odim=400x225 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 491

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
942 B 47ms
27ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 890638
x-amz-request-id: tx002dec70dafe483ba85bc-0061adedd1
x-amz-id-2: tx002dec70dafe483ba85bc-0061adedd1
last-modified: Mon, 06 Dec 2021 11:00:36 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5PXXx8ZygKaZ7Tti1m9dEzyXPvUUxRilMrK6bXiblrNmILhoksgq9saZ2jScvZyppxJqKwnGCNdBb64GYSLKXMeR2LNY3JUduys%2BB3PSRtHW6Ikd6%2BhTttDEh64KpG%2BI%2BzfC3FBDsuuPdguG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-version-id: 1638788436623244
cf-ray: 6be9f6176a5a7031-FRA

POST
H/1.1 200 724.json Show response
id5-sync.com/g/v2/ 213 B
532 B 9ms
9ms XHR
application/json 51.195.5.232
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/724.json

Requested by

Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.195.5.232 , France, ASN16276 (OVH, FR),

Reverse DNS

p15.id5-sync.com

Software

Resource Hash

dfbe38f74deaf784d558b56bdc41a38079debc4541928ef783ed86b3fad5adcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://threatpost.com
Date: Thu, 16 Dec 2021 18:26:28 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 64 B
531 B 52ms
52ms XHR
text/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fthreatpost.com%2Fcategory%2Fvideos%2F&pid=v4qIcmPpZgTFn&cb=1&ws=1600x1200&v=7.71.1&t=1200&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-6794670-2%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-970x250-ATF%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-6794670-3%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-300x250-ATF%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-6794670-5%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-300x600-ATF%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-6794670-1%22%2C%22s%22%3A%5B%222x2%22%5D%2C%22sn%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-2x2-Skin%22%7D%5D&pubid=cb8cfc89-e83e-44aa-a3a2-ff78eda781ef&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.95.188 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-95-188.fra50.r.cloudfront.net

Software

Server /

Resource Hash

8db22950b3f47f686f4bad6b6d21386f03a4b0b24320c6715436424e41dcda09

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:39 GMT
via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
x-amz-rid: HXKY2ECVG5PHGGECP47K
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://threatpost.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 64
x-amz-cf-id: -wqJdsyFdBtgYvrfxVJ9_yzzf00XdzHKcimvVpaGpH-c9jioNvYhoQ==

GET
H2 200 prebid4.43.0-4.js Show response
cds.connatix.com/p/plugins/ Frame 95BE 381 KB
103 KB 7ms
7ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 48690aaa6fff4d84b3d1de64a8ec77ed01ca244492e10fb776c794ba6c171639

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:39 GMT
content-encoding: br
last-modified: Thu, 02 Dec 2021 15:13:51 GMT
age: 739962
etag: "e0908e656154cdf7c73f3852e04c6ceb"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 105742

GET
H2 200 pixel;r=1680196524;source=gtm;rf=0;a=p-_7kVx0t9Jqj90;url=https%3A%2F%2Fthreatpost.com%2Fcategory%2Fvideos%2F;uht=2;fpan=1;fpa=P0-247186926-1639679199297;pbc=;ns=0;ce=1;qjs=1;qv=92a3679b-20211110211...
pixel.quantserve.com/ 35 B
372 B 13ms
12ms Image
image/gif 2620:116:800d:21:3175:5196:e3fd:8c1d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1680196524;source=gtm;rf=0;a=p-_7kVx0t9Jqj90;url=https%3A%2F%2Fthreatpost.com%2Fcategory%2Fvideos%2F;uht=2;fpan=1;fpa=P0-247186926-1639679199297;pbc=;ns=0;ce=1;qjs=1;qv=92a3679b-20211110211611;cm=;gdpr=0;us_privacy=1---;ref=;d=threatpost.com;je=0;sr=1600x1200x24;dst=0;et=1639679199297;tzo=0;ogl=image.https%3A%2F%2Fmedia%252Ethreatpost%252Ecom%2Fwp-content%2Fuploads%2Fsites%2F103%2F2018%2F04%2F12084846%2Ftp_tw%2Cimage%3Awidth.1024%2Cimage%3Aheight.512%2Ctype.website%2Ctitle.Category%3A%20Videos%20%7C%20Threatpost%2Curl.https%3A%2F%2Fthreatpost%252Ecom%2Fcategory%2Fvideos%2F

Requested by

Host: threatpost.com
URL: https://threatpost.com/category/videos/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:3175:5196:e3fd:8c1d , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:39 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 bridge3.493.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 0BBB 598 KB
194 KB 22ms
7ms Document
text/html 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.493.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef447194c4f88706e59e91d4dd03aa925cd6f5d30ae87b863c8fe282153c2fbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 198942
date: Wed, 15 Dec 2021 00:48:04 GMT
expires: Thu, 15 Dec 2022 00:48:04 GMT
last-modified: Wed, 15 Dec 2021 00:41:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 149915
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 5BA8 44 KB
17 KB 39ms
19ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 16 Dec 2021 18:26:39 GMT

GET
H3 200 bridge3.493.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 528B 598 KB
194 KB 9ms
8ms Document
text/html 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.493.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef447194c4f88706e59e91d4dd03aa925cd6f5d30ae87b863c8fe282153c2fbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 198942
date: Wed, 15 Dec 2021 00:48:04 GMT
expires: Thu, 15 Dec 2022 00:48:04 GMT
last-modified: Wed, 15 Dec 2021 00:41:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 149915
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 bridge3.493.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 6292 598 KB
194 KB 8ms
7ms Document
text/html 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.493.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef447194c4f88706e59e91d4dd03aa925cd6f5d30ae87b863c8fe282153c2fbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 198942
date: Wed, 15 Dec 2021 00:48:04 GMT
expires: Thu, 15 Dec 2022 00:48:04 GMT
last-modified: Wed, 15 Dec 2021 00:41:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 149915
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 62ms
44ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-35676203-21&cid=1292139180.1639679199&jid=1985454569&_u=YEBAAEAAAAAAAC~&z=511224610

Requested by

Host: threatpost.com
URL: https://threatpost.com/category/videos/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 69ms
45ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-35676203-21&cid=1292139180.1639679199&jid=1985454569&_u=YEBAAEAAAAAAAC~&z=511224610

Requested by

Host: threatpost.com
URL: https://threatpost.com/category/videos/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 94 B
742 B 612ms
303ms XHR
application/json 63.251.14.14
INTERNAP-BLOCK-4

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_5.17.0
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.14.14 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software: /
Resource Hash: 592e79408d6f16d00daa096608e75d85401efe29a99a7626ef7ca9356fe47db2

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 16 Dec 2021 18:26:40 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://threatpost.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1sea1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 99

POST
H2 200 prebid Show response
mp.4dex.io/ 99 B
474 B 172ms
153ms XHR
application/json 2606:4700::6812:372
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56a05089f0f10dc1dd76abd7dceebb3f72a4a7b5590644104353732aeef4a926

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

cf-ray: 6be9f618281e5c62-FRA
pragma: no-cache
date: Thu, 16 Dec 2021 18:26:40 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
x-warn: Selecting bids. No selected bids
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://threatpost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
server: cloudflare
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
115 B 103ms
76ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://threatpost.com
date: Thu, 16 Dec 2021 18:26:40 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 mvo Show response
tag.1rx.io/rmp/216477/0/ 0
170 B 80ms
48ms XHR
text/plain 213.19.147.43
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/216477/0/mvo?z=1r&hbv=5.17,2.1
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://threatpost.com
pragma: no-cache
date: Thu, 16 Dec 2021 18:26:40 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H2 200 v2 Show response
e.serverbid.com/api/ 711 B
984 B 320ms
137ms XHR
application/json 134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: f4b064d961dd5c30917481f9cf22f400d352737e7dac10d70e574877eef1e8ea

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://threatpost.com
date: Thu, 16 Dec 2021 18:26:39 GMT
access-control-allow-credentials: true
content-length: 711
vary: Origin
content-type: application/json

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
291 B 101ms
79ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695ad017373d9b19cda6b03bc00b5&pos=threatpost.com_desktop_728x90-atf&cmd=bid&eidid5-sync.com=0&secure=1
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: a5d64964e1684ede0dce5b0c56f1aad6f526dcb18a4cfe18cae01a055a253fa4

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 16 Dec 2021 18:26:40 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://threatpost.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 103ms
81ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695ad017373d9b19cda6b03bc00b5&pos=threatpost.com_desktop_300x250-atf&cmd=bid&eidid5-sync.com=0&secure=1
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 75d3fc2d1bb048b9d696f3c00f22304c2710f1d238920628a07f7931f03742ea

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 16 Dec 2021 18:26:40 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://threatpost.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 101ms
79ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695ad017373d9b19cda6b03bc00b5&pos=threatpost.com_desktop_300x600-atf&cmd=bid&eidid5-sync.com=0&secure=1
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: e9d9a334915ac295b5c5ab44ad7bb02dbe94997786ffe7f57a2534a7d4eb85ec

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 16 Dec 2021 18:26:40 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://threatpost.com
access-control-allow-credentials: true
content-length: 62

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
112 B 322ms
301ms XHR
text/plain 35.157.146.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.146.178 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-146-178.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://threatpost.com
date: Thu, 16 Dec 2021 18:26:40 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
112 B 37ms
17ms XHR
text/plain 35.157.146.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.146.178 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-146-178.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://threatpost.com
date: Thu, 16 Dec 2021 18:26:40 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
113 B 33ms
13ms XHR
text/plain 35.157.146.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.146.178 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-146-178.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://threatpost.com
date: Thu, 16 Dec 2021 18:26:40 GMT
access-control-allow-credentials: true
vary: Origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 361 B
1 KB 40ms
13ms XHR
application/json 185.33.220.216
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.216 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

872.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

1c6622f02cd6e606fcda9cdfbc37c945625c02086225f948e77b83264dba9b92

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 18:26:40 GMT
X-Proxy-Origin: 136.243.198.81; 136.243.198.81; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 9d8cc504-e368-4178-bf87-5773888c6e7a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 361
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 531 B
2 KB 143ms
91ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=300372&zone_id=1509502&size_id=2&alt_size_ids=55%2C57&p_pos=atf&gdpr=0&rp_schain=1.0,1!admetricspro.com,1005,1,,,&eid_id5-sync.com=0%5E1%5E&rf=https%3A%2F%2Fthreatpost.com%2Fcategory%2Fvideos%2F&kw=Hacks%2CMalware%2CVulnerabilities%2CWebSecurity%2CMobileSecurity%2CPrivacy&tg_i.ref=https%3A%2F%2Fthreatpost.com%2Fcategory%2Fvideos%2F&tg_i.page=https%3A%2F%2Fthreatpost.com%2Fcategory%2Fvideos%2F&tg_i.domain=threatpost.com&tg_i.dfp_ad_unit_code=22404337467%2C21707124336%2Fthreatpost-970x250-ATF&tg_i.pbadslot=22404337467%2C21707124336%2Fthreatpost-970x250-ATF&tk_flint=pbjs_lite_v5.17.0&x_source.tid=1dcae34c-0427-4dbb-bafd-ea1a4520ae0f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5224703632899559
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 3267f58f2b0bee4ffb46680b4a12be72561448cdc82175910561a4e4618b9cf3

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 18:26:40 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 531
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 529 B
2 KB 146ms
92ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=300372&zone_id=1509502&size_id=15&alt_size_ids=16&p_pos=atf&gdpr=0&rp_schain=1.0,1!admetricspro.com,1005,1,,,&eid_id5-sync.com=0%5E1%5E&rf=https%3A%2F%2Fthreatpost.com%2Fcategory%2Fvideos%2F&kw=Hacks%2CMalware%2CVulnerabilities%2CWebSecurity%2CMobileSecurity%2CPrivacy&tg_i.ref=https%3A%2F%2Fthreatpost.com%2Fcategory%2Fvideos%2F&tg_i.page=https%3A%2F%2Fthreatpost.com%2Fcategory%2Fvideos%2F&tg_i.domain=threatpost.com&tg_i.dfp_ad_unit_code=22404337467%2C21707124336%2Fthreatpost-300x250-ATF&tg_i.pbadslot=22404337467%2C21707124336%2Fthreatpost-300x250-ATF&tk_flint=pbjs_lite_v5.17.0&x_source.tid=ed01eadc-8931-45eb-a0f4-68f7cd3fcad1&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.18906140356704348
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 3029ba4bcb164bfae62b5b134f9f6b32b48dcd7bbac7a32fe0f348d30d2d875b

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 18:26:40 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 529
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 529 B
2 KB 145ms
91ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=300372&zone_id=1509506&size_id=15&alt_size_ids=10&p_pos=atf&gdpr=0&rp_schain=1.0,1!admetricspro.com,1005,1,,,&eid_id5-sync.com=0%5E1%5E&rf=https%3A%2F%2Fthreatpost.com%2Fcategory%2Fvideos%2F&kw=Hacks%2CMalware%2CVulnerabilities%2CWebSecurity%2CMobileSecurity%2CPrivacy&tg_i.ref=https%3A%2F%2Fthreatpost.com%2Fcategory%2Fvideos%2F&tg_i.page=https%3A%2F%2Fthreatpost.com%2Fcategory%2Fvideos%2F&tg_i.domain=threatpost.com&tg_i.dfp_ad_unit_code=22404337467%2C21707124336%2Fthreatpost-300x600-ATF&tg_i.pbadslot=22404337467%2C21707124336%2Fthreatpost-300x600-ATF&tk_flint=pbjs_lite_v5.17.0&x_source.tid=8216d68d-4fe2-4e58-a3c0-6a7f92e78401&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3174552791209577
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 0146d9f4c9c8f26cbef60f87e74c273497146ae100f1670e28f6f8379aba6c95

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 18:26:40 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 529
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 529 B
2 KB 160ms
106ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=300372&zone_id=1509502&size_id=15&alt_size_ids=10&p_pos=atf&gdpr=0&rp_schain=1.0,1!admetricspro.com,1005,1,,,&eid_id5-sync.com=0%5E1%5E&rf=https%3A%2F%2Fthreatpost.com%2Fcategory%2Fvideos%2F&kw=Hacks%2CMalware%2CVulnerabilities%2CWebSecurity%2CMobileSecurity%2CPrivacy&tg_i.ref=https%3A%2F%2Fthreatpost.com%2Fcategory%2Fvideos%2F&tg_i.page=https%3A%2F%2Fthreatpost.com%2Fcategory%2Fvideos%2F&tg_i.domain=threatpost.com&tg_i.dfp_ad_unit_code=22404337467%2C21707124336%2Fthreatpost-300x600-ATF&tg_i.pbadslot=22404337467%2C21707124336%2Fthreatpost-300x600-ATF&tk_flint=pbjs_lite_v5.17.0&x_source.tid=8216d68d-4fe2-4e58-a3c0-6a7f92e78401&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4601630069953826
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 94f7bcdcf91a285548bbc87fbc30fc715dac94718c95f3d898b5d4db9087307e

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 18:26:40 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 529
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 360 B
1 KB 56ms
30ms XHR
application/json 185.33.220.216
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.216 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

872.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

16fa58785a51fcb37cd53b7bdb0330f6300bc4ea867e6d073d2e7644e22e3468

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 18:26:40 GMT
X-Proxy-Origin: 136.243.198.81; 136.243.198.81; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: a5301723-b7e9-4d57-a0da-0106b4deaef4
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 360
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
169 B 282ms
93ms XHR
text/plain 147.75.61.140
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 1
date: Thu, 16 Dec 2021 18:26:40 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://threatpost.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
263 B 83ms
64ms XHR
application/json 3.125.147.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=5.17.0&referrer=https%3A%2F%2Fthreatpost.com%2Fcategory%2Fvideos%2F&tmax=1200&gdpr=false

Requested by

Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.125.147.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-125-147-153.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:40 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://threatpost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 arj Show response
teachingaids-d.openx.net/w/1.0/ 173 B
590 B 72ms
54ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://teachingaids-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fthreatpost.com%2Fcategory%2Fvideos%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=1dcae34c-0427-4dbb-bafd-ea1a4520ae0f%2C1dcae34c-0427-4dbb-bafd-ea1a4520ae0f%2Ced01eadc-8931-45eb-a0f4-68f7cd3fcad1%2C8216d68d-4fe2-4e58-a3c0-6a7f92e78401%2C8216d68d-4fe2-4e58-a3c0-6a7f92e78401&nocache=1639679199429&gdpr=0&x_gdpr_f=1&id5id=0&pubcid=d713c038-e7c7-4eb7-ae57-3250b4c2c964&schain=1.0%2C1!admetricspro.com%2C1005%2C1%2C%2C%2C&aus=728x90%2C970x250%2C970x90%7C728x90%2C970x250%2C970x90%7C300x250%2C336x280%7C300x250%2C300x600%7C300x250%2C300x600&divids=div-gpt-ad-6794670-2%2Cdiv-gpt-ad-6794670-2%2Cdiv-gpt-ad-6794670-3%2Cdiv-gpt-ad-6794670-5%2Cdiv-gpt-ad-6794670-5&aucs=%252F22404337467%252C21707124336%252Fthreatpost-970x250-ATF%2C%252F22404337467%252C21707124336%252Fthreatpost-970x250-ATF%2C%252F22404337467%252C21707124336%252Fthreatpost-300x250-ATF%2C%252F22404337467%252C21707124336%252Fthreatpost-300x600-ATF%2C%252F22404337467%252C21707124336%252Fthreatpost-300x600-ATF&auid=540932704%2C540932709%2C540932713%2C540932715%2C540932720
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.0.0 /
Resource Hash: a3ccf75b921172cd2e67af3a1a09b49efdce7c58160b33bcdb912038b840b155

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:40 GMT
content-encoding: gzip
server: OXGW/17.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://threatpost.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 164
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 adreq Show response
ads.servenobid.com/ 548 B
606 B 437ms
370ms XHR
application/json 52.211.199.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=280
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.199.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-199-54.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: cd3767c9daaaaf6b31ba6dd8821d1cf09594ffdddb05a60b81d960aa4e2f44e9

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 16 Dec 2021 18:26:40 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://threatpost.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 1009 B
1 KB 107ms
87ms XHR
application/json 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=438654&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2263c8d5645224b14%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fthreatpost.com%2Fcategory%2Fvideos%2F%22%2C%22ref%22%3A%22https%3A%2F%2Fthreatpost.com%2Fcategory%2Fvideos%2F%22%2C%22domain%22%3A%22threatpost.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22threatpost.com%22%7D%2C%22keywords%22%3A%22Hacks%2CMalware%2CVulnerabilities%2CWebSecurity%2CMobileSecurity%2CPrivacy%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A4%2C%22msi%22%3A4%2C%22mfu%22%3A0%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A3%2C%22ren%22%3Afalse%2C%22version%22%3A%225.17.0%22%2C%22userIds%22%3A%5B%22id5id%22%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2264d2295919c6d9%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22438654%22%2C%22dfp_ad_unit_code%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-970x250-ATF%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22438654%22%2C%22dfp_ad_unit_code%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-970x250-ATF%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22438654%22%2C%22dfp_ad_unit_code%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-970x250-ATF%22%2C%22sid%22%3A%22970x90%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2265b5532f5f5e3eb%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22438649%22%2C%22dfp_ad_unit_code%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-300x250-ATF%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22438649%22%2C%22dfp_ad_unit_code%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-300x250-ATF%22%2C%22sid%22%3A%22336x280%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%226648c5665f7e471%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22438650%22%2C%22dfp_ad_unit_code%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-300x600-ATF%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22438650%22%2C%22dfp_ad_unit_code%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-300x600-ATF%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22admetricspro.com%22%2C%22sid%22%3A%221005%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 3321428797116159b29a478c5695b074baf92149a9e4af8fde67733c19984306

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:40 GMT
x-ak-initial-geo: CC:[DE], RC:[SN], CN:[EU], CIP:[136.243.198.81], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://threatpost.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1009
x-ak-client-geo: 12
expires: Thu, 16 Dec 2021 18:26:40 GMT

GET
H2 200 playlist.m3u8 Show response
vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/884ac5a1-17c4-4997-a33a-64fa5faad34b/c1601334-cd9a-4d78-89ad-9ef2418ea7fb_/ Frame 5BA8 309 B
272 B 7ms
7ms XHR
application/x-mpegurl 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/884ac5a1-17c4-4997-a33a-64fa5faad34b/c1601334-cd9a-4d78-89ad-9ef2418ea7fb_/playlist.m3u8?playerId=c2ecd04f-0dca-4ffa-8761-d93b34717380
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 05a58707d25ec9885faf81f026410f37d3757c0689d56b7ec1fc8b2f9cffb9d1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:40 GMT
content-encoding: gzip
last-modified: Tue, 14 Dec 2021 10:47:24 GMT
age: 109386
etag: "8a966507b13615ecdc1330a4bc9dcfe1"
vary: Accept-Encoding
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 164

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 8E95 37 KB
13 KB 30ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 17:37:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2930
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 16 Dec 2021 18:37:50 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 5BA8 107 B
549 B 39ms
16ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Dec 2021 18:26:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame FD32 37 KB
13 KB 31ms
12ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 17:37:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2930
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 16 Dec 2021 18:37:50 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 7F69 37 KB
13 KB 25ms
8ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 17:37:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2930
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 16 Dec 2021 18:37:50 GMT

GET
H2 200 0.m3u8 Show response
vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/884ac5a1-17c4-4997-a33a-64fa5faad34b/c1601334-cd9a-4d78-89ad-9ef2418ea7fb_/ Frame 5BA8 607 B
346 B 7ms
7ms XHR
application/x-mpegurl 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/884ac5a1-17c4-4997-a33a-64fa5faad34b/c1601334-cd9a-4d78-89ad-9ef2418ea7fb_/0.m3u8?playerId=c2ecd04f-0dca-4ffa-8761-d93b34717380
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 736dd0f804272aca5708980f4be5c54309665ce5957a32889f2fd0dbefe33422

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:40 GMT
content-encoding: gzip
last-modified: Tue, 14 Dec 2021 10:47:23 GMT
age: 109385
etag: "d3fcd4812a940155e4691817aae75fc7"
vary: Accept-Encoding
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 255

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 77ms
29ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthreatpost.com%2F&domain=threatpost.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://threatpost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: https://threatpost.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1961
date: Thu, 16 Dec 2021 18:26:40 GMT
strict-transport-security: max-age=86400; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame 95BE
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthreatpost.com%2F&domain=threatpost.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=aDKR63wrNHBGRFNZUnlpZUQ2MWFPVGpObCtUUUZlMDI0SXV6Z2Q2WVdIOWVVU0VvZUxxRFZQckxCd21ESlFDOHVOQ2EwSEpBYWZpYTZPTGgvQk9DUVFFaU9LMWdQN08vbjR4eHlCQmRvVURyUUFlZ1hGVnJqNXhueXlZZm...

361 B
619 B

49ms
17ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=aDKR63wrNHBGRFNZUnlpZUQ2MWFPVGpObCtUUUZlMDI0SXV6Z2Q2WVdIOWVVU0VvZUxxRFZQckxCd21ESlFDOHVOQ2EwSEpBYWZpYTZPTGgvQk9DUVFFaU9LMWdQN08vbjR4eHlCQmRvVURyUUFlZ1hGVnJqNXhueXlZZmNMNU5ucmpPaXVXb0RCT3VZYVVvbjFFc05tMTBySEFwYldlNUo2ZUo1dTc4dUhYSEhFRjdMU2F0WER2WFMwLzhqSUdwVmI0b1EyOEt0bnlTdklsQk4wL2I0SkQyVy9QMUtsNytSSUsySzFxbW1BZm91Z3FFPXw&cppv=2

Requested by

Host: threatpost.com
URL: https://threatpost.com/category/videos/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

52b91bf10e80dd65f4cee4e4a9fd528c5bf6f7f0bf09a1216201cb4b6c963530

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:39 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2497
strict-transport-security: max-age=86400; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:39 GMT
location: https://mug.criteo.com/sid?cpp=aDKR63wrNHBGRFNZUnlpZUQ2MWFPVGpObCtUUUZlMDI0SXV6Z2Q2WVdIOWVVU0VvZUxxRFZQckxCd21ESlFDOHVOQ2EwSEpBYWZpYTZPTGgvQk9DUVFFaU9LMWdQN08vbjR4eHlCQmRvVURyUUFlZ1hGVnJqNXhueXlZZmNMNU5ucmpPaXVXb0RCT3VZYVVvbjFFc05tMTBySEFwYldlNUo2ZUo1dTc4dUhYSEhFRjdMU2F0WER2WFMwLzhqSUdwVmI0b1EyOEt0bnlTdklsQk4wL2I0SkQyVy9QMUtsNytSSUsySzFxbW1BZm91Z3FFPXw&cppv=2
strict-transport-security: max-age=86400; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://threatpost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1799
content-length: 482
expires: 0

POST
H2 204 mvo Show response
tag.1rx.io/rmp/216475/0/ Frame 95BE 0
170 B 19ms
18ms XHR
text/plain 213.19.147.43
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/216475/0/mvo?z=1r&hbv=4.43,2.1
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://threatpost.com
pragma: no-cache
date: Thu, 16 Dec 2021 18:26:40 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H2 204 mvo Show response
tag.1rx.io/rmp/233148/0/ Frame 95BE 0
170 B 16ms
16ms XHR
text/plain 213.19.147.43
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/233148/0/mvo?z=1r&hbv=4.43,2.1
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://threatpost.com
pragma: no-cache
date: Thu, 16 Dec 2021 18:26:40 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 95BE 143 B
1 KB 342ms
342ms XHR
application/json 185.33.220.216
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.216 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

872.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

1952ac59959557d264c9625aa551ecb5a3cbedb6f73eedcf89bce0c65c8165b5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 18:26:40 GMT
X-Proxy-Origin: 136.243.198.81; 136.243.198.81; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 6ab3faed-bfee-43c2-b7c4-33c6050f69dd
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 143
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 translator Show response
hbopenbid.pubmatic.com/ Frame 95BE 13 KB
14 KB 132ms
132ms XHR
application/json 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: a26b67d8e158c37ce4f75b64a1447e215b77c6a767fabc7007da3006c437948a

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://threatpost.com
date: Thu, 16 Dec 2021 18:26:39 GMT
cache-control: no-cache, no-store, must-revalidate
x-openrtb-version: 2.3
access-control-allow-credentials: true
content-type: application/json

GET
H3 200 avjp Show response
teachingaids-d.openx.net/v/1.0/ Frame 95BE 106 B
127 B 58ms
40ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://teachingaids-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fthreatpost.com%2Fcategory%2Fvideos%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=9fb53d56-dcd5-42fd-980e-7eacf696b9fb&nocache=1639679199552&gdpr=0&pubcid=c387521a-8024-44dc-9954-8d1350132e3f&schain=1.0%2C1!admetricspro.com%2C1005%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22skippable%22%3Atrue%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%2C%22video%2Fogg%22%2C%22video%2Fmpeg%22%5D%2C%22protocols%22%3A%5B5%2C2%2C3%2C6%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22maxduration%22%3A180%7D%7D%5D%7D&auid=540882778&vwd=400&vht=225
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.0.0 /
Resource Hash: 730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:40 GMT
via: 1.1 google
server: OXGW/17.0.0
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://threatpost.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 106
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ Frame 95BE 37 B
331 B 59ms
59ms XHR
application/json 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?t=900&s=435870&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2211222f21ed577ec%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fthreatpost.com%2Fcategory%2Fvideos%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22dms%22%3Atrue%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22admetricspro.com%22%2C%22hp%22%3A1%2C%22sid%22%3A%221005%22%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2212254aeab56a3c3%22%2C%22ext%22%3A%7B%22siteID%22%3A%22435870%22%2C%22sid%22%3A%22400x225%22%2C%22fl%22%3A%22x%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%2C%22video%2Fogg%22%2C%22video%2Fmpeg%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A180%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%2C7%2C8%5D%2C%22playerSize%22%3A%5B%5B400%2C225%5D%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22skip%22%3A1%2C%22skipmin%22%3A31%2C%22skipafter%22%3A5%2C%22placement%22%3A1%2C%22w%22%3A400%2C%22h%22%3A225%7D%2C%22bidfloor%22%3A0.25%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%7D
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 2df84db555f2c7745e615e3da797d7a080713a5888f103c1450f89b4dfde364d

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:40 GMT
x-ak-initial-geo: CC:[DE], RC:[SN], CN:[EU], CIP:[136.243.198.81], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://threatpost.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 37
x-ak-client-geo: 12
expires: Thu, 16 Dec 2021 18:26:40 GMT

POST
H2 204 mvo Show response
tag.1rx.io/rmp/233098/0/ Frame 95BE 0
170 B 18ms
18ms XHR
text/plain 213.19.147.43
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/233098/0/mvo?z=1r&hbv=4.43,2.1
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://threatpost.com
pragma: no-cache
date: Thu, 16 Dec 2021 18:26:40 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ Frame 95BE 37 B
331 B 35ms
35ms XHR
application/json 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?t=900&s=435871&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2215a238791f500f7%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fthreatpost.com%2Fcategory%2Fvideos%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22dms%22%3Atrue%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22admetricspro.com%22%2C%22hp%22%3A1%2C%22sid%22%3A%221005%22%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22162b7f0955fa318%22%2C%22ext%22%3A%7B%22siteID%22%3A%22435871%22%2C%22sid%22%3A%22400x225%22%2C%22fl%22%3A%22x%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%2C%22video%2Fogg%22%2C%22video%2Fmpeg%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A180%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%2C7%2C8%5D%2C%22playerSize%22%3A%5B%5B400%2C225%5D%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22skip%22%3A1%2C%22skipmin%22%3A31%2C%22skipafter%22%3A5%2C%22placement%22%3A1%2C%22w%22%3A400%2C%22h%22%3A225%7D%2C%22bidfloor%22%3A0.25%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%7D
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 922bf8980629432ac8d97c31c24b90724798b5df09d1e17834dbe7fa8939925c

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:40 GMT
x-ak-initial-geo: CC:[DE], RC:[SN], CN:[EU], CIP:[136.243.198.81], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://threatpost.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 37
x-ak-client-geo: 12
expires: Thu, 16 Dec 2021 18:26:40 GMT

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ Frame 95BE 0
215 B 248ms
220ms XHR
application/json 18.196.20.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=TeachingAidsLLC
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.20.13 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-20-13.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://threatpost.com
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 95BE 4 KB
4 KB 246ms
246ms XHR
application/json 185.33.220.216
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.216 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

872.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

6753ddbb7584e2b67de31188ad4fb1a3b884df3cf930e6e2bae07ba4a2b03316

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 16 Dec 2021 18:26:40 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 136.243.198.81; 136.243.198.81; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 14e0c4ac-a59f-4c7a-8b95-063a8a2c978a
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame 95BE 0
17 B 141ms
94ms XHR
text/plain 147.75.61.140
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://threatpost.com
x-nbr: 1
date: Thu, 16 Dec 2021 18:26:40 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
vary: origin, Accept-Encoding

GET
H3 200 avjp Show response
teachingaids-d.openx.net/v/1.0/ Frame 95BE 106 B
127 B 41ms
40ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://teachingaids-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fthreatpost.com%2Fcategory%2Fvideos%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=30199f6e-0652-4eba-920d-cc712373c1b3&nocache=1639679199570&gdpr=0&pubcid=c387521a-8024-44dc-9954-8d1350132e3f&schain=1.0%2C1!admetricspro.com%2C1005%2C1%2C66709b23-5cf4-4f35-98a1-7f2cd8619a21%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22skippable%22%3Atrue%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%2C%22video%2Fogg%22%2C%22video%2Fmpeg%22%5D%2C%22protocols%22%3A%5B5%2C2%2C3%2C6%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22maxduration%22%3A180%7D%7D%5D%7D&auid=540882779&vwd=400&vht=225
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.0.0 /
Resource Hash: 730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:40 GMT
via: 1.1 google
server: OXGW/17.0.0
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://threatpost.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 106
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 mvo Show response
tag.1rx.io/rmp/216476/0/ Frame 95BE 0
170 B 16ms
16ms XHR
text/plain 213.19.147.43
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/216476/0/mvo?z=1r&hbv=4.43,2.1
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://threatpost.com
pragma: no-cache
date: Thu, 16 Dec 2021 18:26:40 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 95BE 0
59 B 44ms
44ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://threatpost.com
date: Thu, 16 Dec 2021 18:26:39 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 adagio.js Show response
script.4dex.io/ 71 KB
23 KB 36ms
20ms Fetch
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb04b94656de1350a1fe252e640d692b44f9501188d48c01884d6962bea38913

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 890194
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: tx56f6954d69344d85a3796-0061adeed0
x-amz-id-2: tx56f6954d69344d85a3796-0061adeed0
last-modified: Mon, 06 Dec 2021 11:00:35 GMT
server: cloudflare
etag: W/"d56fadf5a52703aee9982c415a17065a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9jLF3C9CbjMYvP20x5rtoMVtBCIoKgcuyy1mQ3xiGw9WVPiWM62eISCON4kG8%2FWmNgmHl9k7nCECaQJ45w8u1QcPBvSwL1uQxqq4p5BPdoLk%2FhhRQZiITDLDMIlAQhP0rjjwq%2FmACBxIzgWb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1638788435319991
cf-ray: 6be9f61939d76967-FRA
access-control-allow-headers: Authorization

OPTIONS
H2 200 0.mp4
vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/884ac5a1-17c4-4997-a33a-64fa5faad34b/c1601334-cd9a-4d78-89ad-9ef2418ea7fb_/ Frame 0
0 6ms
6ms Preflight 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/884ac5a1-17c4-4997-a33a-64fa5faad34b/c1601334-cd9a-4d78-89ad-9ef2418ea7fb_/0.mp4?playerId=c2ecd04f-0dca-4ffa-8761-d93b34717380
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://threatpost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

retry-after: 0
access-control-allow-methods: *
access-control-allow-headers: range
accept-ranges: bytes
date: Thu, 16 Dec 2021 18:26:40 GMT
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
access-control-allow-origin: *
content-length: 0

GET
H2 206 0.mp4 Show response
vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/884ac5a1-17c4-4997-a33a-64fa5faad34b/c1601334-cd9a-4d78-89ad-9ef2418ea7fb_/ Frame 5BA8 1 KB
1 KB 7ms
6ms XHR
video/mp4 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/884ac5a1-17c4-4997-a33a-64fa5faad34b/c1601334-cd9a-4d78-89ad-9ef2418ea7fb_/0.mp4?playerId=c2ecd04f-0dca-4ffa-8761-d93b34717380
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 16935e1c30263b7766bcd0fd2547b9e364c6d4d65c0b8b5e9e90bd64bc0fec39

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range: bytes=0-1361

Response headers

date: Thu, 16 Dec 2021 18:26:40 GMT
last-modified: Tue, 14 Dec 2021 10:47:23 GMT
age: 109384
etag: "d09f4879a74aacf049b957bbb46c179d"
access-control-max-age: 86400
content-type: video/mp4
Content-Range: bytes 0-1361/5190926
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 1362

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/884ac5a1-17c4-4997-a33a-64fa5faad34b/c1601334-cd9a-4d78-89ad-9ef2418ea7fb_/0.mp4?playerId=c2ecd04f-0dca-4ffa-8761-d93b34717380
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://threatpost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

retry-after: 0
access-control-allow-methods: *
access-control-allow-headers: range
accept-ranges: bytes
date: Thu, 16 Dec 2021 18:26:40 GMT
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
access-control-allow-origin: *
content-length: 0

GET
H2 206 0.mp4 Show response
vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/884ac5a1-17c4-4997-a33a-64fa5faad34b/c1601334-cd9a-4d78-89ad-9ef2418ea7fb_/ Frame 5BA8 795 KB
796 KB 7ms
7ms XHR
video/mp4 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/884ac5a1-17c4-4997-a33a-64fa5faad34b/c1601334-cd9a-4d78-89ad-9ef2418ea7fb_/0.mp4?playerId=c2ecd04f-0dca-4ffa-8761-d93b34717380
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 729f47d65350e54a025b0d61ab82fa9f16b414fe822c21f4acfafcc344cbfeb0

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range: bytes=1362-815916

Response headers

date: Thu, 16 Dec 2021 18:26:40 GMT
last-modified: Tue, 14 Dec 2021 10:47:23 GMT
age: 109384
etag: "d09f4879a74aacf049b957bbb46c179d"
access-control-max-age: 86400
content-type: video/mp4
Content-Range: bytes 1362-815916/5190926
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 814555

POST
H/1.1 200
OK cache Show response
prebid.adnxs.com/pbc/v1/ Frame 95BE 63 B
324 B 55ms
27ms XHR
application/json 37.252.161.190
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbc/v1/cache
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.252.161.190 Southall, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams1.adnexus.net
Software: nginx/1.19.0 /
Resource Hash: 6638bb830c3bff956ffcf1b506e979da26d172e98bfb6fa096a216ab585c48b7

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 16 Dec 2021 18:26:40 GMT
Server: nginx/1.19.0
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://threatpost.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 63

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 54ms
17ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1191
date: Thu, 16 Dec 2021 18:26:40 GMT
strict-transport-security: max-age=86400; preload;
content-encoding: gzip
vary: Accept-Encoding

POST
H/1.1 200
OK cache Show response
prebid.adnxs.com/pbc/v1/ Frame 95BE 63 B
324 B 18ms
18ms XHR
application/json 37.252.161.190
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbc/v1/cache
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.252.161.190 Southall, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams1.adnexus.net
Software: nginx/1.19.0 /
Resource Hash: a4faa4dc80d0088b78b840b99d3777f205f79e3d3f493be7e82033204e9ac408

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 16 Dec 2021 18:26:40 GMT
Server: nginx/1.19.0
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://threatpost.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 63

POST
H/1.1 200
OK g Show response
capi.connatix.com/rtb/ Frame 5BA8 0
315 B 108ms
108ms XHR
application/x-protobuf 18.224.222.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/rtb/g?v=142882
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.224.222.89 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-224-222-89.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Thu, 16 Dec 2021 18:26:40 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://threatpost.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 0BBB 156 B
625 B 221ms
220ms XHR
text/xml 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F107430338%2FCNXORTEST%2F6148&description_url=https%3A%2F%2Fthreatpost.com%2Fcategory%2Fvideos%2F&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=564982082147506&cust_params=domains%3Dthreatpost.com&ad_type=video&sdkv=h.3.493.0&osd=2&frm=1&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&us_privacy=1---&sdki=44d&adk=3321539204&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.493.0&sid=7410EEEF-69DA-4BAE-93A1-87D58545E9BA&nel=1&eid=44750604&top=https%3A%2F%2Fthreatpost.com%2Fcategory%2Fvideos%2F&url=https%3A%2F%2Fthreatpost.com%2Fcategory%2Fvideos%2F&loc=about%3Ablank&dt=1639679199930&cookie_enabled=1&scor=3654227035788524&ged=ve4_td2_tt0_pd2_la2000_er1007.1246.1166.1552_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.493.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cache Show response
prebid.adnxs.com/pbc/v1/ Frame 5BA8 13 KB
5 KB 14ms
14ms XHR
application/xml 37.252.161.190
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbc/v1/cache?uuid=139d49d7-1385-4ea5-8baa-b110285b4fdf
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.252.161.190 Southall, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams1.adnexus.net
Software: nginx/1.19.0 /
Resource Hash: a07442ff972b2d6eb0220d6b1a859fd116bd65c4c13ec3bf4d16962b32d3a043

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 18:26:40 GMT
Content-Encoding: gzip
Server: nginx/1.19.0
Vary: Accept-Encoding, Origin
Content-Type: application/xml
Access-Control-Allow-Origin: https://threatpost.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Transfer-Encoding: chunked

GET
H/1.1 200
OK cache Show response
prebid.adnxs.com/pbc/v1/ Frame 5BA8 4 KB
3 KB 30ms
15ms XHR
application/xml 37.252.161.190
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbc/v1/cache?uuid=9a4578bc-f8df-4bd8-9e89-c5a172a5493b
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.252.161.190 Southall, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams1.adnexus.net
Software: nginx/1.19.0 /
Resource Hash: d4d649db2848c978c607f7f588bfa065d8bd8ae6d0b3b44b0ee53aece005e6c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 18:26:40 GMT
Content-Encoding: gzip
Server: nginx/1.19.0
Vary: Accept-Encoding, Origin
Content-Type: application/xml
Access-Control-Allow-Origin: https://threatpost.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Transfer-Encoding: chunked

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/884ac5a1-17c4-4997-a33a-64fa5faad34b/c1601334-cd9a-4d78-89ad-9ef2418ea7fb_/0.mp4?playerId=c2ecd04f-0dca-4ffa-8761-d93b34717380
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://threatpost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

retry-after: 0
access-control-allow-methods: *
access-control-allow-headers: range
accept-ranges: bytes
date: Thu, 16 Dec 2021 18:26:40 GMT
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
access-control-allow-origin: *
content-length: 0

GET
H2 206 0.mp4 Show response
vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/884ac5a1-17c4-4997-a33a-64fa5faad34b/c1601334-cd9a-4d78-89ad-9ef2418ea7fb_/ Frame 5BA8 663 KB
663 KB 7ms
7ms XHR
video/mp4 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/884ac5a1-17c4-4997-a33a-64fa5faad34b/c1601334-cd9a-4d78-89ad-9ef2418ea7fb_/0.mp4?playerId=c2ecd04f-0dca-4ffa-8761-d93b34717380
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 12e69b014a1d82f15c732919b28c978f60cd61b62a9290b581bb3bc06a3daf99

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range: bytes=815917-1494513

Response headers

date: Thu, 16 Dec 2021 18:26:40 GMT
last-modified: Tue, 14 Dec 2021 10:47:23 GMT
age: 109385
etag: "d09f4879a74aacf049b957bbb46c179d"
access-control-max-age: 86400
content-type: video/mp4
Content-Range: bytes 815917-1494513/5190926
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 678597

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame A9DC 152 KB
36 KB 43ms
22ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?embedded=1&pubId=156858&siteId=630907&adId=2446009&vtype=1&imprId=2F673378-D668-47E6-9104-B7A75578755D&adServerId=243&campaignId=22918&crID=ghq46ojf&ucrid=755815154131570317
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:40 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 05:02:46 GMT
server: Apache/2.2.15 (CentOS)
etag: "1408294-25f9a-5c92d699d3c58"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 36260

GET
H/1.1

200
OK

ab Show response
ams1-ib.adnxs.com/ Frame 5BA8
Redirect Chain

https://ams1-ib.adnxs.com/vast_track/v2?info=agAAAAMArgAFAQnghLthAAAAABE6KSzXTqz8RBnghLthAAAAACCr5I6dASgAMMAIOOc3QMyyYUjD6pcCUJ-ZpQhY4dYBYgJERWgBcAF4AIABAogBAZABkAOYAeEBoAEAqAGr5I6dAbABAQ..&s=01bf9...
https://ams1-ib.adnxs.com/ab?ro=1&an_audit=0&referrer=https%3A%2F%2Fthreatpost.com%2Fcategory%2Fvideos%2F&e=wqT_3QLnD-jnBwAAAwDWAAUBCOCJ7o0GELrSsLntiav-RBgAKjYJcvkP6bcv3D8RW5TZIJOM1j8ZAAAAIIXrG0AhW...

10 KB
5 KB

60ms
60ms

XHR
application/xml

185.33.221.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/ab?ro=1&an_audit=0&referrer=https%3A%2F%2Fthreatpost.com%2Fcategory%2Fvideos%2F&e=wqT_3QLnD-jnBwAAAwDWAAUBCOCJ7o0GELrSsLntiav-RBgAKjYJcvkP6bcv3D8RW5TZIJOM1j8ZAAAAIIXrG0AhWw0SACkRJAAxARvArkfpPzCfmaUIOOc3QMAISFJQq-SOnQFYy496YABo56WpAXiD6AWAAQGKAQNVU0SSAQEG8MmYAQGgAQGoAQGwAQC4AQPAAQXIAQLQAQDYAQDgAQDwAQDYAtNH4ALX9zfqAidodHRwczovL3RocmVhdHBvc3QuY29tL2NhdGVnb3J5L3ZpZGVvcy_yAr0JChNUVERfVkFTVF9QQVJBTUVURVJTEqUJJnQ9MSZhaWQ9NDk3MTAzNzU0MzMyNzYwNzA5OCZ3cGM9VVNEJnNmZT0xM2YzMDRlMCZwdWlkPSZ0ZGlkPTAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwARnwizAwMCZwaWQ9cGo1NDlrbiZhZz1uZTZ4anhvJmFkdj03a24zMXRyJnNpZz0xNXFpOGRWMjhhZ21GUUh4VDFpa2hsa3ZSbGsyd2RweE5tNndOcm9XRXpPTS4mYnA9MC42MDY2Mjg3OTUxNDgzNDk1OTI0OSZjZj0yODI1NDM2JmZxPTAmdGRfcz10aHJlOSFQJnJjYXRzPW12ayZtY2F0PSZtc3RlPiQAOG1mbGQ9NCZtc3NpPSZtZgEG8KR1aG93PTExNSZhZ3NhPSZyZ3o9MjIwNDkmc3ZidHRkPTEmZHQ9UEMmb3NmPVdpbmRvd3Mmb3M9V2luZG93czEwJmJyPUNocm9tZSZybGFuZ3M9ZGUmbWxhbmc9JnN2cGlkPTcxNDMmZGlkPSZyY3h0PU90aGVyJmxhdD01My41NzAwMDAmbG9uPTEwLjA1MDAwMCZ0bXBjPSZkYWlkPSZ2cD0wJm8BqWhvc3Y9JmJmZmk9NDEmbWs9R29vZ2xlJm1kbD0JgAgrLSsNlvDeJnZwYj1QcmVSb2xsJmRjPTgyJnZjYz1FTFFCR0xRQk1nUUlBZ2dKT2dRSUFRZ0NRQUZJQVZBQ2lBRUNvQUdRQTZnQjRRSElBUUhRQVFQb0FRS0FBZ09LQWd3SUFRZ0VDQUlJQlFnRENBYWFBZ0lJQXFBQ0FxZ0NBc0FDQWcuLiZzdj1hcHBuZXh1cyZwaWRpPTMxMjEmYWR2aT0xODMyMDQmY21waT0yMDM3ODk5JmFnaT0xMDQ3MDY2MCZjcmlkaT0yMTU3MTI2MSZzdmk9NyZjbXA9MXdoOW8zdCZ2ciGWLDQlMmMxNSZydXJsPWUyICUzYSUyZiUyZjY4AxQlMmZjYXRlOgglMmZpPBAlMmYmdEGf9MkDcE1LZ0dLWE9oZGltV29IZHBpMWVwU1I5SE9BUVhaYlZJOTMybTg1S0dVcy4mYz1DZ2RIWlhKdFlXNTVFaUpHY21WbElHRnVaQ0JJWVc1elpXRjBhV01nUTJsMGVTQnZaaUJJWVcxaWRYSm5HZ0FpQjBoaGJXSjFjbWN3QWpnQ1NBQlFBWUFCQUlnQkFwQUJBQS4uJmR1cj1DakFLREdOb1lYSm5aUzFoYkd3dE1TSWdDUF9fX19fX19fX19fd0VTRTNSMFpGOWtZWFJoWDJWNFkyeDFjMmx2Ym5NLiZkdXJzPVV2QVh2cyZjcnJlbHI9JmFkcHQ9YW5vciZpcGw9MTczODY2NTUmZnBhPTcyNiZwY209MyZncmRjPUNBRS4mdmM9MyZzYWlkPTM2NzE4MjI4ODM1MTk2MzQwMzImaWN0PVVua25vd24mYXVjdD0xJmltPTEmbWM9OGI4ZTkyNTAtZDE5My00N2ZmLTg2ZmYtYTA3YjdmZmVlZDBm8gI9ChVUVERfVkFTVF9JTVBSRVNTSU9OSUQSJGUzNWM3YzY2LWM5YzEtNGQxNy04OWExLWE1N2Y1MzEwZmRmM4ADAIgDAZADAJgDF6ADAaoDxAEKlwFodHRwczovL2luc2lnaHQuYWRzcnZyLm9yZy9lbmR1c2VyL3Zhc3QvP2lpZD0ke1RURF9WQVNUX0lNUFJFU1NJT05JRH0mY3JpZD1naHE0Nm9qZiZ0dGRfcHJldmlldz0ke0lTX1BSRVZJRVd9JndwPSR7QVVDVElPTl9QUklDRX0ke1RURF9WQVNUX1BBUkFNRVRFUlN9GhM0OTcxMDM3NTQzMzI3NjA3MDk4KgQzMTIxOg1vcnRiLWdocTQ2b2pmwAPgqAHIAwDYA7bVtwHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMTM2LjI0My4xOTguODGoBACyBBAIARAEGJADIOEBKAIwADgDuAQAwAQAyAQA2gQCCAHgBADwBKvkjp0BiAUBmAUAoAXwtNrS1e67-jLABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXh1gH6BQQIABAAkAYBmAYAuAYAwQYAAAAAAADwP9AGjdgB2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGBPIGAggAgAcBiAcAoAdAqgcHMXdoOW8zdLoHDwgAEAAYACAAMAA4wAZAAMgHg-gF0gcNCQAAAAAAAAAAEAAYANoHBggAEAAYAOAHAOoHAggA8AfViwOKCAIQAA..&s=906fca925210de081edb863ef21f30d24bca0b86

Protocol

HTTP/1.1

Server

185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

c991a9ee49b9501cd48bd4dae61f721f2981dd2165209cdfb4f4b9074fd60062

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 18:26:40 GMT
Content-Encoding: gzip
X-Creative-ID: 329495083
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 136.243.198.81; 136.243.198.81; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 59fa67d1-b9f8-4967-8fe0-cfa2ff800524
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/xml; charset=utf-8
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 18:26:40 GMT
X-Proxy-Origin: 136.243.198.81; 136.243.198.81; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: f876623c-38eb-462d-b278-f1a74bccab9b
Server: nginx/1.17.9
Access-Control-Allow-Origin: https://threatpost.com
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ams1-ib.adnxs.com/ab?ro=1&an_audit=0&referrer=https%3A%2F%2Fthreatpost.com%2Fcategory%2Fvideos%2F&e=wqT_3QLnD-jnBwAAAwDWAAUBCOCJ7o0GELrSsLntiav-RBgAKjYJcvkP6bcv3D8RW5TZIJOM1j8ZAAAAIIXrG0AhWw0SACkRJAAxARvArkfpPzCfmaUIOOc3QMAISFJQq-SOnQFYy496YABo56WpAXiD6AWAAQGKAQNVU0SSAQEG8MmYAQGgAQGoAQGwAQC4AQPAAQXIAQLQAQDYAQDgAQDwAQDYAtNH4ALX9zfqAidodHRwczovL3RocmVhdHBvc3QuY29tL2NhdGVnb3J5L3ZpZGVvcy_yAr0JChNUVERfVkFTVF9QQVJBTUVURVJTEqUJJnQ9MSZhaWQ9NDk3MTAzNzU0MzMyNzYwNzA5OCZ3cGM9VVNEJnNmZT0xM2YzMDRlMCZwdWlkPSZ0ZGlkPTAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwARnwizAwMCZwaWQ9cGo1NDlrbiZhZz1uZTZ4anhvJmFkdj03a24zMXRyJnNpZz0xNXFpOGRWMjhhZ21GUUh4VDFpa2hsa3ZSbGsyd2RweE5tNndOcm9XRXpPTS4mYnA9MC42MDY2Mjg3OTUxNDgzNDk1OTI0OSZjZj0yODI1NDM2JmZxPTAmdGRfcz10aHJlOSFQJnJjYXRzPW12ayZtY2F0PSZtc3RlPiQAOG1mbGQ9NCZtc3NpPSZtZgEG8KR1aG93PTExNSZhZ3NhPSZyZ3o9MjIwNDkmc3ZidHRkPTEmZHQ9UEMmb3NmPVdpbmRvd3Mmb3M9V2luZG93czEwJmJyPUNocm9tZSZybGFuZ3M9ZGUmbWxhbmc9JnN2cGlkPTcxNDMmZGlkPSZyY3h0PU90aGVyJmxhdD01My41NzAwMDAmbG9uPTEwLjA1MDAwMCZ0bXBjPSZkYWlkPSZ2cD0wJm8BqWhvc3Y9JmJmZmk9NDEmbWs9R29vZ2xlJm1kbD0JgAgrLSsNlvDeJnZwYj1QcmVSb2xsJmRjPTgyJnZjYz1FTFFCR0xRQk1nUUlBZ2dKT2dRSUFRZ0NRQUZJQVZBQ2lBRUNvQUdRQTZnQjRRSElBUUhRQVFQb0FRS0FBZ09LQWd3SUFRZ0VDQUlJQlFnRENBYWFBZ0lJQXFBQ0FxZ0NBc0FDQWcuLiZzdj1hcHBuZXh1cyZwaWRpPTMxMjEmYWR2aT0xODMyMDQmY21waT0yMDM3ODk5JmFnaT0xMDQ3MDY2MCZjcmlkaT0yMTU3MTI2MSZzdmk9NyZjbXA9MXdoOW8zdCZ2ciGWLDQlMmMxNSZydXJsPWUyICUzYSUyZiUyZjY4AxQlMmZjYXRlOgglMmZpPBAlMmYmdEGf9MkDcE1LZ0dLWE9oZGltV29IZHBpMWVwU1I5SE9BUVhaYlZJOTMybTg1S0dVcy4mYz1DZ2RIWlhKdFlXNTVFaUpHY21WbElHRnVaQ0JJWVc1elpXRjBhV01nUTJsMGVTQnZaaUJJWVcxaWRYSm5HZ0FpQjBoaGJXSjFjbWN3QWpnQ1NBQlFBWUFCQUlnQkFwQUJBQS4uJmR1cj1DakFLREdOb1lYSm5aUzFoYkd3dE1TSWdDUF9fX19fX19fX19fd0VTRTNSMFpGOWtZWFJoWDJWNFkyeDFjMmx2Ym5NLiZkdXJzPVV2QVh2cyZjcnJlbHI9JmFkcHQ9YW5vciZpcGw9MTczODY2NTUmZnBhPTcyNiZwY209MyZncmRjPUNBRS4mdmM9MyZzYWlkPTM2NzE4MjI4ODM1MTk2MzQwMzImaWN0PVVua25vd24mYXVjdD0xJmltPTEmbWM9OGI4ZTkyNTAtZDE5My00N2ZmLTg2ZmYtYTA3YjdmZmVlZDBm8gI9ChVUVERfVkFTVF9JTVBSRVNTSU9OSUQSJGUzNWM3YzY2LWM5YzEtNGQxNy04OWExLWE1N2Y1MzEwZmRmM4ADAIgDAZADAJgDF6ADAaoDxAEKlwFodHRwczovL2luc2lnaHQuYWRzcnZyLm9yZy9lbmR1c2VyL3Zhc3QvP2lpZD0ke1RURF9WQVNUX0lNUFJFU1NJT05JRH0mY3JpZD1naHE0Nm9qZiZ0dGRfcHJldmlldz0ke0lTX1BSRVZJRVd9JndwPSR7QVVDVElPTl9QUklDRX0ke1RURF9WQVNUX1BBUkFNRVRFUlN9GhM0OTcxMDM3NTQzMzI3NjA3MDk4KgQzMTIxOg1vcnRiLWdocTQ2b2pmwAPgqAHIAwDYA7bVtwHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMTM2LjI0My4xOTguODGoBACyBBAIARAEGJADIOEBKAIwADgDuAQAwAQAyAQA2gQCCAHgBADwBKvkjp0BiAUBmAUAoAXwtNrS1e67-jLABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXh1gH6BQQIABAAkAYBmAYAuAYAwQYAAAAAAADwP9AGjdgB2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGBPIGAggAgAcBiAcAoAdAqgcHMXdoOW8zdLoHDwgAEAAYACAAMAA4wAZAAMgHg-gF0gcNCQAAAAAAAAAAEAAYANoHBggAEAAYAOAHAOoHAggA8AfViwOKCAIQAA..&s=906fca925210de081edb863ef21f30d24bca0b86
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK mq Show response
capi.connatix.com/tr/ Frame 5BA8 0
315 B 101ms
101ms XHR
application/x-protobuf 18.224.222.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/mq?v=142882
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.224.222.89 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-224-222-89.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Thu, 16 Dec 2021 18:26:39 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://threatpost.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK ps Show response
capi.connatix.com/tr/ Frame 5BA8 0
334 B 204ms
101ms XHR
application/x-protobuf 18.224.222.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/ps?v=142882
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.224.222.89 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-224-222-89.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Thu, 16 Dec 2021 18:26:39 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://threatpost.com
transfer-encoding: chunked
Connection: keep-alive
access-control-allow-credentials: true

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
538 B 17ms
16ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=threatpost.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Dec 2021 18:26:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 32ms
17ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=threatpost.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Dec 2021 18:26:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 159 KB
44 KB 586ms
586ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3446106993910111&correlator=1905179105151343&output=ldjh&impl=fifs&eid=44752541&vrg=2021120601&ptt=17&gdpr=0&us_privacy=1---&tfua=0&tfcd=0&sc=1&sfv=1-0-38&ecs=20211216&iu_parts=22404337467%3A21707124336%2Cthreatpost-970x250-ATF%2Cthreatpost-300x250-ATF%2Cthreatpost-300x600-ATF%2Cthreatpost-2x2-Skin%2Cthreatpost-AdX-Interstitial&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=728x90%7C970x250%7C970x90%2C300x250%7C336x280%2C300x250%7C300x600%2C2x2%2C1x1&ists=1&fas=0%2C0%2C0%2C0%2C8&prev_scp=amznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%26hb_adid_ix%3D68c8f68d034e928%26hb_bidder_ix%3Dix%26dyn_bids%3D0.02%26hb_adid%3D68c8f68d034e928%26hb_bidder%3Dix%7Camznbid%3D2%26amznp%3D2%7C&eri=1&cust_params=urlhost%3Dhttps%253A%252F%252Fthreatpost.com%252F%26urlpath%3D%252Fcategory%252Fvideos%252F%26urlquery%3Dgoogfc%26contentid%3D43265%26category%3Dvideos%26contenttags%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1639679200&dt=1639679200056&dlt=1639679197519&idt=1324&frm=20&biw=1600&bih=1200&oid=2&adxs=436%2C1082%2C1082%2C0%2C-9&adys=8%2C124%2C1143%2C8%2C-9&adks=4166723991%2C1414505084%2C1356251026%2C3771495681%2C2643643476&ucis=1%7C2%7C3%7C4%7C5&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fthreatpost.com%2Fcategory%2Fvideos%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x0%7C300x0%7C300x0%7C1600x0%7C0x-1&msz=728x0%7C300x0%7C300x0%7C1600x0%7C0x-1&ga_vid=1292139180.1639679199&ga_sid=1639679200&ga_hid=1369698175&ga_fc=true&fws=0%2C0%2C0%2C0%2C2&ohw=0%2C0%2C0%2C0%2C0&btvi=0%7C0%7C0%7C0%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

b600ec7744875a611e9eb9378b5b91e050ae648d03e150a68c054ebdafba2d05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44632
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-2,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,-2,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://threatpost.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 36ms
21ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021120601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75e287fc9066136b17e226559ca8a0ecbf0488623a685f7061ee359e2bb430a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Dec 2021 18:26:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8560
x-xss-protection: 0

GET
H2 200 container.html Show response
ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 29C5 6 KB
4 KB 61ms
16ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Thu, 16 Dec 2021 18:26:40 GMT
expires: Fri, 16 Dec 2022 18:26:40 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 pubads_impl_page_level_ads_2021120601.js Show response
securepubads.g.doubleclick.net/gpt/ 34 KB
13 KB 602ms
601ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2021120601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

6438deeda87c2438473fc3c887e708b7f23b9c27dbf7df19e2e525f3b299abd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12940
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 09:34:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Dec 2021 18:26:41 GMT

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 7F0F 38 KB
14 KB 8ms
8ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?embedded=1&pubId=156858&siteId=630907&adId=2446009&vtype=1&imprId=2F673378-D668-47E6-9104-B7A75578755D&adServerId=243&campaignId=22918&crID=ghq46ojf&ucrid=755815154131570317
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/

Response headers

last-modified: Tue, 19 Oct 2021 10:00:01 GMT
etag: "1302647-96ae-5ceb1b98ba7c4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13882
content-type: text/html; charset=UTF-8
cache-control: public, max-age=106370
expires: Fri, 17 Dec 2021 23:59:30 GMT
date: Thu, 16 Dec 2021 18:26:40 GMT
vary: Accept-Encoding

GET
H2 200 / Show response
insight.adsrvr.org/enduser/vast/ Frame A9DC 20 KB
20 KB 107ms
36ms XHR
text/xml 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/enduser/vast/?t=1&iid=28557cd0-7fde-4948-8a4a-b46d07397284&crid=ghq46ojf&wp=0.460431&aid=1&wpc=USD&sfe=13f304e0&puid=&tdid=00000000-0000-0000-0000-000000000000&pid=pj549kn&ag=ne6xjxo&adv=7kn31tr&sig=19zf66jwEyIiFZNcsgRQh0qowr9c53B5O6gFsMx3_fUY.&bp=0.60662879514834959249&cf=2825436&fq=0&td_s=threatpost.com&rcats=jba&mcat=&mste=threatpost.com&mfld=4&mssi=&mfsi=&uhow=115&agsa=&rgz=22049&svbttd=1&dt=PC&osf=Windows&os=Windows10&br=Chrome&rlangs=en&mlang=&svpid=156858&did=&rcxt=Other&lat=53.580000&lon=10.060000&tmpc=&daid=&vp=0&osi=&osv=&bffi=41&mk=Google&mdl=Chrome%20-%20Windows&vpb=MidRoll&dc=16&vcc=CAEQtAEYtAEyCggCCAUICQgGCAQ6BAgBCAJAAUgBUAKIAQKgAZADqAHhAcgBAdABA-gBA4ACA4oCCAgCCAMIBQgGmgICCAKgAgOoAgGwAgC4AgDAAgA.&sv=pubmatic&pidi=3121&advi=183204&cmpi=2037899&agi=10470660&cridi=21571261&svi=12&cmp=1wh9o3t&vrtd=14,15&rurl=https%3a%2f%2fthreatpost.com%2fcategory%2fvideos%2f&tsig=zeXi9xNrYisWkx0UlwEFDRAWtQjnwAnrc7v9zU1nLKY.&c=CgdHZXJtYW55EiJGcmVlIGFuZCBIYW5zZWF0aWMgQ2l0eSBvZiBIYW1idXJnGgAiB0hhbWJ1cmcwAjgBSABQAYABAIgBApABAA..&dur=CjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnM.&durs=UvAXvs&crrelr=&adpt=pubo&ipl=2446009&fpa=759&pcm=3&grdc=CAE.&vc=3&said=2081977A-531C-4DD2-9F83-9880C16AECA2&ict=Unknown&auct=1&im=1&mc=8b8e9250-d193-47ff-86ff-a07b7ffeed0f
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?embedded=1&pubId=156858&siteId=630907&adId=2446009&vtype=1&imprId=2F673378-D668-47E6-9104-B7A75578755D&adServerId=243&campaignId=22918&crID=ghq46ojf&ucrid=755815154131570317
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: / ASP.NET
Resource Hash: 51fe9d76c24f956c3352ca3c5d984e22e93009399e965fde2ba883709896611a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:40 GMT
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://threatpost.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 52ms
30ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Thu, 16 Dec 2021 18:26:40 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 7F0F 2 KB
2 KB 79ms
27ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=70787397&p=156858&s=630907&a=2446009&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: c3489cd46697dc041f906d0fa9c4932d0a032693a12a366323ce651184dacc22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:39 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 1810
content-type: text/html; charset=UTF-8

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 5BA8 107 B
122 B 18ms
18ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Dec 2021 18:26:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CB00 13 KB
5 KB 24ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Thu, 16 Dec 2021 18:17:05 GMT
expires: Fri, 16 Dec 2022 18:17:05 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 575
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 546D 783 B
534 B 17ms
17ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2d4fe6b93033b5a6a0fce5ea6673ff97fb5081858b2ed391c6bdef8658065898

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6Qc3oyrkjNYgl62dmWSoyw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 16 Dec 2021 18:26:40 GMT
date: Thu, 16 Dec 2021 18:26:40 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-6Qc3oyrkjNYgl62dmWSoyw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 6292 156 B
144 B 321ms
321ms XHR
text/xml 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F107430338%2FCNXORTEST%2F2570&description_url=https%3A%2F%2Fthreatpost.com%2Fcategory%2Fvideos%2F&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3843699438568008&cust_params=domains%3Dthreatpost.com&ad_type=video&us_privacy=1---&sdkv=h.3.493.0&osd=2&frm=1&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=1232260695&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.493.0&sid=A790144D-8905-4A81-8930-5E4D74F9EF3D&nel=1&eid=44737475%2C44750604%2C44752711&top=https%3A%2F%2Fthreatpost.com%2Fcategory%2Fvideos%2F&url=https%3A%2F%2Fthreatpost.com%2Fcategory%2Fvideos%2F&loc=about%3Ablank&dlt=1639679197626&idt=2263&dt=1639679200201&cookie_enabled=1&scor=4275072326767375&ged=ve4_td2_tt0_pd2_la2000_er1007.1246.1166.1552_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.493.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 xml;dc_sdk_apis=[APIFRAMEWORKS];dc_omid_p=[OMIDPARTNER];gdpr=;gdpr_consent=;ltd= Show response
ad.doubleclick.net/ddm/pfadx/N195005.279382INVITEMEDIAINC.D39/B26982132.323104980;sz=0x0;ord=890642;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dcmt=text/ Frame A9DC 4 KB
2 KB 62ms
35ms XHR
text/xml 172.217.18.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/pfadx/N195005.279382INVITEMEDIAINC.D39/B26982132.323104980;sz=0x0;ord=890642;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dcmt=text/xml;dc_sdk_apis=[APIFRAMEWORKS];dc_omid_p=[OMIDPARTNER];gdpr=;gdpr_consent=;ltd=

Requested by

Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?embedded=1&pubId=156858&siteId=630907&adId=2446009&vtype=1&imprId=2F673378-D668-47E6-9104-B7A75578755D&adServerId=243&campaignId=22918&crID=ghq46ojf&ucrid=755815154131570317

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f102.1e100.net

Software

cafe /

Resource Hash

748e28bf532fda95f623d36c2de4916a7f3dff7523cf629b1f66ad38cb04589b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1439
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://threatpost.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 5788
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=1520C0B0-4915-482E-8EDE-84F1E7A611CA
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=1520C0B0-4915-482E-8EDE-84F1E7A611CA

35 B
467 B

20ms
20ms

Document
image/gif

37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=1520C0B0-4915-482E-8EDE-84F1E7A611CA

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 16 Dec 2021 18:26:40 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

server: nginx
date: Thu, 16 Dec 2021 18:26:40 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=1520C0B0-4915-482E-8EDE-84F1E7A611CA
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame F9BC
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7918867047318286971

42 B
366 B

13ms
12ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7918867047318286971
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 16 Dec 2021 18:26:40 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: amspug020:0:407
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7918867047318286971
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 526B 43 B
334 B 56ms
21ms Document
image/gif 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Kestrel /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Thu, 16 Dec 2021 18:26:40 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Thu, 16 Dec 2021 00:00:00 GMT
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 577809

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7F0F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FSDAsEkVSC6O3oTx56YRyg%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

14 KB
14 KB

11ms
11ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:40 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 06:08:03 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3945-5c4c7cc02bd56"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=32251
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5054
expires: Fri, 17 Dec 2021 03:24:11 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:40 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 7F0F
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=3e1961bb-84e0-4600-baae-3f1a6ae2d154

0
260 B

42ms
14ms

Image
text/plain

198.47.127.20
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=3e1961bb-84e0-4600-baae-3f1a6ae2d154
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:40 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Thu, 16 Dec 2021 18:26:40 GMT
Server: MT3 4133 baa842e master zrh-pixel-x7 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=3e1961bb-84e0-4600-baae-3f1a6ae2d154
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 16 Dec 2021 18:26:39 GMT

GET

/
pixel.onaudience.com/ Frame 7F0F
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=1520C0B0-4915-482E-8EDE-84F1E7A611CA
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1
https://pixel.onaudience.com/?partner=147&mapped=81af1dac-941a-4a28-8cd7-842422c9914d&icm

0
0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 7F0F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTUyMEMwQjAtNDkxNS00ODJFLThFREUtODRGMUU3QTYxMUNB&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
341 B

45ms
13ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:39 GMT
cache-control: no-store, no-cache, private
x-lat: amspug003:0:308
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:40 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 7F0F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEA96iYDAMFgHGQwZw5WOPrg&google_cver=1

42 B
441 B

45ms
13ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEA96iYDAMFgHGQwZw5WOPrg&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 16:13:37 GMT
cache-control: no-store, no-cache, private
x-lat: amspug0021:0:477
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:40 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEA96iYDAMFgHGQwZw5WOPrg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 7F0F 43 B
616 B 62ms
16ms Image
image/gif 169.50.137.184
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b8.89.32a9.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:40 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Wed, 15 Dec 2021 18:26:40 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 7F0F
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:73a761bb-84e0-4300-8a07-f10c0b0d3e09&gdpr=0&gdpr_consent=

42 B
649 B

42ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:73a761bb-84e0-4300-8a07-f10c0b0d3e09&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:38 GMT
cache-control: no-store, no-cache, private
x-lat: amspug008:0:499
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Thu, 16 Dec 2021 18:26:40 GMT
Server: MT3 4133 baa842e master zrh-pixel-x29 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:73a761bb-84e0-4300-8a07-f10c0b0d3e09&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 16 Dec 2021 18:26:39 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 546D 0
0 70ms
55ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021120601&jk=3446106993910111&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame CB00 35 KB
13 KB 19ms
7ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fff2bb01836a52004ece484b97797926280251ccaed72db384f16a7644d4764

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:07:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 94779
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13622
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 Dec 2022 16:07:01 GMT

GET
H/1.1 200
OK 59213328 Show response
unified.adsafeprotected.com/v2/906389/ Frame A9DC 15 KB
4 KB 156ms
60ms XHR
text/xml 34.241.64.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://unified.adsafeprotected.com/v2/906389/59213328?mon=59213338&omidPartner=%5BOMIDPARTNER%5D&apiframeworks=[APIFRAMEWORKS]&bundleId=[BUNDLEID]&vastVersion=2&mode=strict&ias_xappb=%%TTD_SITE%%&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjsvGahzwJTyWoC-mhs_Yw0ta7oELbvKl2m0xHhrFukUN_1HukyWs5qAH7G54yeTZi2oFWhXe3dn-MT9fA1_kKcxrsJl_gKOE1dHjT9UrfLKtdISHER8VrUqMweuQarAM9UR8AILNAyxLDr4RTKZUsyNcpw%26sig%3DCg0ArKJSzCwzS_YblmeLEAE%26uach_m%3D%5BUACH%5D%26urlfix%3D1%26vt%3D13%26adurl%3D&redirectedRetries=0&ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&originalVast=https://ad.doubleclick.net/ddm/pfadx/N195005.279382INVITEMEDIAINC.D39/B26982132.323104980%3Bsz%3D0x0%3Bord%3D890642%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bdcmt%3Dtext/xml%3Bdc_sdk_apis%3D%5BAPIFRAMEWORKS%5D%3Bdc_omid_p%3D%5BOMIDPARTNER%5D%3Bgdpr%3D%3Bgdpr_consent%3D%3Bltd%3D%3Bdc_ves%3DdGltZXN0YW1wOiAxNjM5Njc5MjAwODk5Cg%3Bdc_cid%3D163110868%3Bdc_adid%3D515721403%3Bdc_vpaid%3D0%3B
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?embedded=1&pubId=156858&siteId=630907&adId=2446009&vtype=1&imprId=2F673378-D668-47E6-9104-B7A75578755D&adServerId=243&campaignId=22918&crID=ghq46ojf&ucrid=755815154131570317
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.241.64.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-64-210.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 06590a40d95c73c552211092005ed10cc79baa79fa287c0e152461ab6a4e1857

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 18:26:41 GMT
Content-Encoding: gzip
Vary: Origin
Content-Type: text/xml; charset=UTF-8
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 3685

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 46ms
46ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021120601&jk=3446106993910111&bg=!QUKlQgbNAAZKWFskSlg7ACkAdvg8WijHVNSAs5r38memSUpeOBN1cVcWNGadOfopdeZDw0BJSU9-2wIAAABrUgAAAAVoAQeZAs-YzYgTioVKuXncPRHV_5FRDsA1NvHUm3riU4RT96RlRudGipI31zaw3XtuR-Py7Yhrr0vCJQAf1ctpcSNY5tr8bJD5U_JFOYcZ9ux-rq6XuAn7NCHRkA5bjM0ma-ePcOIe4UMearV0kSVMrrcSqvY-uxlTypArfXHjxlId5EvHYtIPB-ydGrmD-Y8SakzDQgRp1sxl2sz1eX1RzPsirQePI6bqyyDGkAJvkVOkqQNlkUSLJMNgS9xqEFz0rZHBzVqCrQ7OaUDBUIqVPALelHFDVOQ212g94PFsTKWyplZDA5mjE1WvbVQiP47zoqCkQDwivTRhV7QKpy0Z0V296CawdZFzuUZ2HWeUZD_oLI5-wH0wNQlr-NdLUk0fU0tHapl8s2karE4vblV8EvVo4OY-XEbwZV8l0BdMUJTKWsZV0H6u4CTP5NXatkwLCW6HiLfd4zON1iVmzo-p2dEVpZK3PuRqiPQcKSlkn5858hQebbA4Ux-SVnBSGu1_W-rVjcxBfBMzm5hikMzDV-oU4L3RNwQEDkBPlrZugLZqkLRgX-r78LMpIxrbNP0CUyI9HD56wPhNS74igEk1VXQ9o1Y-Z2tokNEMCvuc33Ma1WLmr8A1uN9Ck3F8AjJOP1f7Jw3ugL_FTjFFYKDPNNoW2PIbmitQJZiqhXfiSiJf32w2y21yotlIDurmS05tSjeQH0tUXElcFTdZYiYlNu53DvxK6Rky1sNWF7PP3G2l0P8zFssHLe70x57tsyiO3LGuCR1ykh8KaLkUsoiNRv3PT4gtBZoFJzbbW8cLjaPS-NBI2G9x1q-U1PZqr4Y1jFnRl84DT_oPH7OIItcAlRQYZY0e2pCE9vW52pcMsVhFB_0klcChIrypV9GKNEW-WvEyEgqaggiUBezWu0Eq8zcTe-MBIPK3inBjKkEG4vASz0F9MohuU-k-H2-7e6sWC_VjqA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track
aktrack.pubmatic.com/ Frame A9DC 0
61 B 14ms
12ms Image
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aktrack.pubmatic.com/track?operId=7&p=156858&s=630907&a=2446009&wa=243&ts=1639679200&wc=22918&crId=ghq46ojf&ucrid=755815154131570317&impid=2F673378-D668-47E6-9104-B7A75578755D&advertiser_id=8730&ecpm=0.509361&er=982&pfi=1&ch=3&it=5&vadFmt=6&vapi=2&sURL=threatpost.com&vc=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:41 GMT
content-length: 0
content-type: text/html

GET
H2 200 /
insight.adsrvr.org/enduser/video/ Frame A9DC 0
100 B 34ms
32ms Image
text/plain 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/enduser/video/?ve=error&vec=900&ast=[ASSETURI]&imp=28557cd0-7fde-4948-8a4a-b46d07397284&ag=ne6xjxo&crid=ghq46ojf&cf=2825436&fq=0&t=1&td_s=threatpost.com&rcats=jba&mcat=&mste=threatpost.com&mfld=4&mssi=&mfsi=&sv=pubmatic&uhow=115&agsa=&wp=0.460431&rgz=22049&dt=PC&osf=Windows&os=Windows10&br=Chrome&svpid=156858&rlangs=en&mlang=&did=&rcxt=Other&tmpc=&vrtd=14,15&osi=&osv=&daid=&dnr=0&vpb=MidRoll&c=CgdHZXJtYW55EiJGcmVlIGFuZCBIYW5zZWF0aWMgQ2l0eSBvZiBIYW1idXJnGgAiB0hhbWJ1cmcwAjgBSABQAYABAIgBApABAA..&dur=CjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnM.&durs=UvAXvs&crrelr=&npt=&mk=Google&mdl=Chrome%20-%20Windows&adpt=pubo&ipl=2446009&fpa=759&pcm=3&ict=Unknown&said=2081977A-531C-4DD2-9F83-9880C16AECA2&auct=1&grdc=CAE.&sfe=13f304e0&vp=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:41 GMT
cache-control: private
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET

GET
H2 200 dc_oe=ChMImp7Cgvno9AIVDIzeCh2OOAKPEAAYACDUv-NN;met=1;ecn1=1;etm1=0;eid1=200015;
ade.googlesyndication.com/ddm/activity/ Frame A9DC 42 B
494 B 79ms
45ms Image
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMImp7Cgvno9AIVDIzeCh2OOAKPEAAYACDUv-NN;met=1;ecn1=1;etm1=0;eid1=200015;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track
aktrack.pubmatic.com/ Frame 5BA8 0
61 B 9ms
9ms Image
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aktrack.pubmatic.com/track?operId=7&p=156858&s=630907&a=2446009&wa=243&ts=1639679200&wc=22918&crId=ghq46ojf&ucrid=755815154131570317&impid=2F673378-D668-47E6-9104-B7A75578755D&advertiser_id=8730&ecpm=0.509361&e=96&ier=%5Berrorcode%5D&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:41 GMT
content-length: 0
content-type: text/html

GET
H/1.1 200
OK anwrapper-1.999.0.js Show response
acdn.adnxs-simple.com/vx/static/w/ Frame 5C70 152 KB
43 KB 29ms
8ms Script
application/javascript 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs-simple.com/vx/static/w/anwrapper-1.999.0.js
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 90fb7f486363baac11225c229b7c82176fc1cb6549cae16dcb3e6e41a29857de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 18:26:41 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Apr 2021 14:16:07 GMT
Server: nginx/1.13.10
ETag: W/"607d90a7-26103"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Length: 43880
Expires: Fri, 16 Dec 2022 18:26:41 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 5BA8 107 B
122 B 30ms
28ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Dec 2021 18:26:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

POST
H2 204 pack
rb.adnxs-simple.com/ Frame 5C70 0
271 B 44ms
12ms Ping
text/plain 37.252.167.198
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://rb.adnxs-simple.com/pack?log=log_rb_vpaid_wrapper_signals&format=json
Requested by: Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/vx/static/w/anwrapper-1.999.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.252.167.198 Southall, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 53.ratbait.prod.ams1.adnexus.net
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://threatpost.com
date: Thu, 16 Dec 2021 18:26:41 GMT
access-control-allow-credentials: true
server: nginx/1.18.0
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
access-control-allow-methods: POST, OPTIONS, GET

GET
H2 200 / Show response
insight.adsrvr.org/enduser/vast/ 19 KB
20 KB 38ms
38ms XHR
text/xml 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/enduser/vast/?iid=e35c7c66-c9c1-4d17-89a1-a57f5310fdf3&crid=ghq46ojf&ttd_preview=0&wp=0.440412&t=1&aid=4971037543327607098&wpc=USD&sfe=13f304e0&puid=&tdid=00000000-0000-0000-0000-000000000000&pid=pj549kn&ag=ne6xjxo&adv=7kn31tr&sig=15qi8dV28agmFQHxT1ikhlkvRlk2wdpxNm6wNroWEzOM.&bp=0.60662879514834959249&cf=2825436&fq=0&td_s=threatpost.com&rcats=mvk&mcat=&mste=threatpost.com&mfld=4&mssi=&mfsi=&uhow=115&agsa=&rgz=22049&svbttd=1&dt=PC&osf=Windows&os=Windows10&br=Chrome&rlangs=de&mlang=&svpid=7143&did=&rcxt=Other&lat=53.570000&lon=10.050000&tmpc=&daid=&vp=0&osi=&osv=&bffi=41&mk=Google&mdl=Chrome+-+Windows&vpb=PreRoll&dc=82&vcc=ELQBGLQBMgQIAggJOgQIAQgCQAFIAVACiAECoAGQA6gB4QHIAQHQAQPoAQKAAgOKAgwIAQgECAIIBQgDCAaaAgIIAqACAqgCAsACAg..&sv=appnexus&pidi=3121&advi=183204&cmpi=2037899&agi=10470660&cridi=21571261&svi=7&cmp=1wh9o3t&vrtd=14%2c15&rurl=https%3a%2f%2fthreatpost.com%2fcategory%2fvideos%2f&tsig=pMKgGKXOhdimWoHdpi1epSR9HOAQXZbVI932m85KGUs.&c=CgdHZXJtYW55EiJGcmVlIGFuZCBIYW5zZWF0aWMgQ2l0eSBvZiBIYW1idXJnGgAiB0hhbWJ1cmcwAjgCSABQAYABAIgBApABAA..&dur=CjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnM.&durs=UvAXvs&crrelr=&adpt=anor&ipl=17386655&fpa=726&pcm=3&grdc=CAE.&vc=3&said=3671822883519634032&ict=Unknown&auct=1&im=1&mc=8b8e9250-d193-47ff-86ff-a07b7ffeed0f
Requested by: Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/vx/static/w/anwrapper-1.999.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: / ASP.NET
Resource Hash: 126b35ec50b5a5cd7819b5f4bb9bd1c67d6ddada46d59a07ebb15a1245fc9592

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:41 GMT
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://threatpost.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 528B 28 KB
7 KB 409ms
408ms XHR
text/xml 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F107430338%2FCNXORTEST%2F6650&description_url=https%3A%2F%2Fthreatpost.com%2Fcategory%2Fvideos%2F&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2652001744058448&cust_params=domains%3Dthreatpost.com&ad_type=video&sdkv=h.3.493.0&osd=2&frm=1&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&us_privacy=1---&sdki=44d&adk=4002501869&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.493.0&sid=DBD2B07C-131D-4EA8-92AD-790DD3DD77B5&nel=1&eid=21064201%2C44750604%2C44750822&top=https%3A%2F%2Fthreatpost.com%2Fcategory%2Fvideos%2F&url=https%3A%2F%2Fthreatpost.com%2Fcategory%2Fvideos%2F&loc=about%3Ablank&dlt=1639679197626&idt=2221&dt=1639679200668&cookie_enabled=1&scor=2349869801889154&ged=ve4_td3_tt1_pd3_la3000_er1007.1246.1166.1552_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.493.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

b3bc6db4f7960414ed8f4eaa017bf41429d0cdc59c765778de2f3df954aa8de5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6702
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3807 6 KB
3 KB 22ms
7ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Thu, 16 Dec 2021 18:26:40 GMT
expires: Fri, 16 Dec 2022 18:26:40 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F85E 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Thu, 16 Dec 2021 18:26:40 GMT
expires: Fri, 16 Dec 2022 18:26:40 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0C47 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Thu, 16 Dec 2021 18:26:40 GMT
expires: Fri, 16 Dec 2022 18:26:40 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 6C7E 52 KB
17 KB 29ms
12ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/vx/static/w/anwrapper-1.999.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Fri, 17 Dec 2021 18:26:43 GMT
Date: Thu, 16 Dec 2021 18:26:41 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H3 200 xml;dc_sdk_apis=[APIFRAMEWORKS];dc_omid_p=[OMIDPARTNER];gdpr=;gdpr_consent=;ltd= Show response
ad.doubleclick.net/ddm/pfadx/N195005.279382INVITEMEDIAINC.D39/B26982132.323104980;sz=0x0;ord=858042;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dcmt=text/ 4 KB
1 KB 64ms
41ms XHR
text/xml 172.217.18.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/pfadx/N195005.279382INVITEMEDIAINC.D39/B26982132.323104980;sz=0x0;ord=858042;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dcmt=text/xml;dc_sdk_apis=[APIFRAMEWORKS];dc_omid_p=[OMIDPARTNER];gdpr=;gdpr_consent=;ltd=

Requested by

Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/vx/static/w/anwrapper-1.999.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f102.1e100.net

Software

cafe /

Resource Hash

16ad85aa7620d54c047046f42121c7a9b060cc3f5cfe5094da8e84218c61e099

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1439
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://threatpost.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 31DA 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Thu, 16 Dec 2021 18:26:40 GMT
expires: Fri, 16 Dec 2022 18:26:40 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H/1.1 200
OK ao Show response
capi.connatix.com/tr/ Frame 5BA8 0
315 B 102ms
102ms XHR
application/x-protobuf 18.224.222.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/ao?v=142882
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.224.222.89 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-224-222-89.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Thu, 16 Dec 2021 18:26:41 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://threatpost.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

GET
H/1.1 200
OK 59213328 Show response
unified.adsafeprotected.com/v2/906389/ 15 KB
4 KB 56ms
56ms XHR
text/xml 34.241.64.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://unified.adsafeprotected.com/v2/906389/59213328?mon=59213338&omidPartner=%5BOMIDPARTNER%5D&apiframeworks=[APIFRAMEWORKS]&bundleId=[BUNDLEID]&vastVersion=2&mode=strict&ias_xappb=%%TTD_SITE%%&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjstJ9LpK3cHaWDxEeo2QXChXSUNnbZIjtlKlDAjM0l9A1GFKsFzNNC8ZS-zsP_NaDuIwMm7UsG8bK8zjLrdgiahWBZ2cBExpDmagnKKm4c6PkMn9BRx48kLsRVkpNv2dKRr1EK5IwDIUuwJW5ABY2fxMIA%26sig%3DCg0ArKJSzD3NucuHPGlTEAE%26uach_m%3D%5BUACH%5D%26urlfix%3D1%26vt%3D13%26adurl%3D&redirectedRetries=0&ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&originalVast=https://ad.doubleclick.net/ddm/pfadx/N195005.279382INVITEMEDIAINC.D39/B26982132.323104980%3Bsz%3D0x0%3Bord%3D858042%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bdcmt%3Dtext/xml%3Bdc_sdk_apis%3D%5BAPIFRAMEWORKS%5D%3Bdc_omid_p%3D%5BOMIDPARTNER%5D%3Bgdpr%3D%3Bgdpr_consent%3D%3Bltd%3D%3Bdc_ves%3DdGltZXN0YW1wOiAxNjM5Njc5MjAxNTY1Cg%3Bdc_cid%3D163110868%3Bdc_adid%3D515721403%3Bdc_vpaid%3D0%3B
Requested by: Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/vx/static/w/anwrapper-1.999.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.241.64.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-64-210.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 986d04c80e35c1338100cc1f9677b6d4e4ded885a346649ebf3393ef038d8283

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 18:26:41 GMT
Content-Encoding: gzip
Vary: Origin
Content-Type: text/xml; charset=UTF-8
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 3682

GET
H2 200 bl-0af0356-c84a0080.js Show response
tagan.adlightning.com/math-aids-threatpost/ Frame 3807 49 KB
21 KB 9ms
8ms Script
application/javascript 143.204.98.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/math-aids-threatpost/bl-0af0356-c84a0080.js
Requested by: Host: ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com
URL: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-122.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4550853c9c2efdab413d125621a72beac549ab22a67054795d66c7791b258971

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 14:51:28 GMT
content-encoding: gzip
age: 12914
x-cache: Hit from cloudfront
content-length: 20664
x-amz-meta-git_commit: 0af0356
last-modified: Thu, 16 Dec 2021 14:45:08 GMT
server: AmazonS3
etag: "6232504f3cf4940e0d2b3aa9e2d6c84e"
x-amz-version-id: R63xCHahTTTKZcFnIoPqbza15LNanK8D
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: SjaetYII4PDV_t5cMGwRRZRd-xNF0Zvc-tmxdJdXPkHz0JM81jtoEw==

GET
H2 200 b-7b120a5-9b871d4e.js Show response
tagan.adlightning.com/math-aids-threatpost/ Frame 3807 73 KB
28 KB 9ms
9ms Script
application/javascript 143.204.98.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Requested by: Host: ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com
URL: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-122.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4658e1122a2190db712f6731d3e8c14b027f0a42bd7c1333b11d272f8e9ea3fd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 17:51:16 GMT
content-encoding: gzip
age: 10542926
x-cache: Hit from cloudfront
content-length: 28179
x-amz-meta-git_commit: 7b120a5
last-modified: Mon, 16 Aug 2021 17:49:31 GMT
server: AmazonS3
etag: "c42a7ac1ac405f3f0cad04305cad5553"
x-amz-version-id: HCJNSpgvHPkSF2.YDap.Qx6PnxOllH79
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: iqN1AcpIQWU-aR986S5Pcfx-oWGqX6ObERrODsdPEWVJbpjYiH98Yg==

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3807 42 B
63 B 39ms
38ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D9Wp6G4tcNc4rao9sb2tatfHeDkrzCr_2E-toA3Om0_S9AGxUJWxBPxIC384MG7cshu2Iy83HgTsNAcMFlXbahEzmn9uYwENAHyMBHZHNRX37w9X8

Requested by

Host: ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com
URL: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 3807 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com
URL: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:23:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 201
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Dec 2021 18:23:21 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3807 119 KB
36 KB 34ms
19ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com
URL: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 16 Dec 2021 18:26:41 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 3807 15 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com
URL: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Dec 2021 18:26:11 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3807 0
0 15ms
14ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTEIGQIo_o-L5kNha8GgIILUugv2ITb7mm12cXckqIfxid_pX-RUOOmaihL2Yjzq3bbCave1d9gDHTOCztoqJPrsV83lw
Requested by: Host: ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com
URL: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2 200 bl-0af0356-c84a0080.js Show response
tagan.adlightning.com/math-aids-threatpost/ Frame F85E 49 KB
21 KB 10ms
10ms Script
application/javascript 143.204.98.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/math-aids-threatpost/bl-0af0356-c84a0080.js
Requested by: Host: ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com
URL: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-122.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4550853c9c2efdab413d125621a72beac549ab22a67054795d66c7791b258971

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 14:51:28 GMT
content-encoding: gzip
age: 12914
x-cache: Hit from cloudfront
content-length: 20664
x-amz-meta-git_commit: 0af0356
last-modified: Thu, 16 Dec 2021 14:45:08 GMT
server: AmazonS3
etag: "6232504f3cf4940e0d2b3aa9e2d6c84e"
x-amz-version-id: R63xCHahTTTKZcFnIoPqbza15LNanK8D
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: OzQdquickFvSBhq8WbSX6BmjdJHVDUHkVuN505dMhUH3E6ybCbysAA==

GET
H2 200 b-7b120a5-9b871d4e.js Show response
tagan.adlightning.com/math-aids-threatpost/ Frame F85E 73 KB
28 KB 11ms
11ms Script
application/javascript 143.204.98.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Requested by: Host: ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com
URL: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-122.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4658e1122a2190db712f6731d3e8c14b027f0a42bd7c1333b11d272f8e9ea3fd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 17:51:16 GMT
content-encoding: gzip
age: 10542926
x-cache: Hit from cloudfront
content-length: 28179
x-amz-meta-git_commit: 7b120a5
last-modified: Mon, 16 Aug 2021 17:49:31 GMT
server: AmazonS3
etag: "c42a7ac1ac405f3f0cad04305cad5553"
x-amz-version-id: HCJNSpgvHPkSF2.YDap.Qx6PnxOllH79
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: ehhBzWJ1rXQQlJvHXEPktFmhLBGukkCipkEaFa0TSv4cJo270_q1Zw==

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F85E 42 B
63 B 40ms
39ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BkAg0m-qK0r_OGVFOOH4A4LcxuEXxITI_o4fJeaPaUXbGMOYT3pnktNWnlDrlSjCQsoY3exdSoc0PzOIopHYEtoE-wTV4ZlDO7eS13pmg_s8EIwiE

Requested by

Host: ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com
URL: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame F85E 2 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com
URL: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:23:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 201
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Dec 2021 18:23:21 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F85E 119 KB
36 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com
URL: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 16 Dec 2021 18:26:41 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame F85E 15 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com
URL: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Dec 2021 18:26:11 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F85E 0
0 16ms
15ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT2e72w71NAoYhqmPI1wVLFmi_aAH-aGQSSIa6seIlpU18xvhHasCVgl-USTlBThvFRhyxGo5QFhfVZb5izHrv57pT-5g
Requested by: Host: ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com
URL: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2 200 bl-0af0356-c84a0080.js Show response
tagan.adlightning.com/math-aids-threatpost/ Frame 0C47 49 KB
21 KB 10ms
9ms Script
application/javascript 143.204.98.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/math-aids-threatpost/bl-0af0356-c84a0080.js
Requested by: Host: ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com
URL: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-122.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4550853c9c2efdab413d125621a72beac549ab22a67054795d66c7791b258971

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 14:51:28 GMT
content-encoding: gzip
age: 12914
x-cache: Hit from cloudfront
content-length: 20664
x-amz-meta-git_commit: 0af0356
last-modified: Thu, 16 Dec 2021 14:45:08 GMT
server: AmazonS3
etag: "6232504f3cf4940e0d2b3aa9e2d6c84e"
x-amz-version-id: R63xCHahTTTKZcFnIoPqbza15LNanK8D
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: 6AqB9jVMiHd4IYXlv9pgx7boLGHUwRseT8s87G6vNz1LTV_YWYT3bQ==

GET
H2 200 b-7b120a5-9b871d4e.js Show response
tagan.adlightning.com/math-aids-threatpost/ Frame 0C47 73 KB
28 KB 10ms
10ms Script
application/javascript 143.204.98.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Requested by: Host: ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com
URL: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-122.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4658e1122a2190db712f6731d3e8c14b027f0a42bd7c1333b11d272f8e9ea3fd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 17:51:16 GMT
content-encoding: gzip
age: 10542926
x-cache: Hit from cloudfront
content-length: 28179
x-amz-meta-git_commit: 7b120a5
last-modified: Mon, 16 Aug 2021 17:49:31 GMT
server: AmazonS3
etag: "c42a7ac1ac405f3f0cad04305cad5553"
x-amz-version-id: HCJNSpgvHPkSF2.YDap.Qx6PnxOllH79
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: GHbTvAuxTI-ZCFORVMDKPwU9RfBN7Ky1IaUpe-wLEp7Whii1BWpCbA==

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0C47 42 B
63 B 40ms
39ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CeGdJL80N9esbtGxyG8H1lzPZOUo_pItrnbKiWNprk2c_UpdNYKRPDjVqdMqW02rGVOf8AG-Iyg7Ad9SVs43p3K9Xp9VQk6kg5gDOjARTbhNIf29c

Requested by

Host: ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com
URL: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 0C47 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com
URL: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:23:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 202
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Dec 2021 18:23:21 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0C47 119 KB
36 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com
URL: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 16 Dec 2021 18:26:42 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 0C47 15 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com
URL: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Dec 2021 18:26:11 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0C47 0
0 14ms
14ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ3i0VnlYqhwOqWGHMG31mydho0fxya-L9wMHl_zBnkGyt96aqQhuq42-wZuJO7bXAZJ8HoaV3EMR4Yd6IG09qyqTq6ZQ
Requested by: Host: ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com
URL: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

POST
H/1.1 200
OK sv Show response
capi.connatix.com/tr/ Frame 5BA8 0
315 B 101ms
101ms XHR
application/x-protobuf 18.224.222.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/sv?v=142882
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.224.222.89 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-224-222-89.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Thu, 16 Dec 2021 18:26:41 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://threatpost.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 6C7E 0
733 B 23ms
23ms Script
text/html 185.33.220.216
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.216 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

872.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 18:26:41 GMT
X-Proxy-Origin: 136.243.198.81; 136.243.198.81; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: d425f9fd-a657-401a-aea1-37f94a10e8cd
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 528B 29 KB
14 KB 122ms
51ms XHR
text/xml 142.251.5.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-AgHygys2XvuOZG0Qoa5lpJqQ4tsx4gyR6O2BWp75zDekzTXXUwzlSr_EoQI7HyjQyXD8ZGqCcM5LmTSjgLuiF4dqacqg&dbm_d=AKAmf-AG2zs8L7a9Ug4LIGU1AwvoPVrQUSJiustwr-whV8FUrKLs5D_yQhpOi1i0qdcJqbGljb4O_pDA3KxeUGEqDtGwFROYpKLfMkXj-3fAdm7OUWfkUcD6EdU5yRZFBLDWA1JkoOm3X7epyfeekvSfaqau6vEInwQ9Y4nzgowZqWUWOuqS6DsXVawiaOwvU630JqOkbRsG0DkTmsZi-K7n_m2BrxZGPELmSx4ObentVjFQW8iFM5UeWKhMVNofOq1GXI4UgrWvlLeAuis2om6U9XoVyjCELB5uG5i7dSrwjcWsL3B29L3auAbGDAxDjG13HXv7wKeSZE57zwUKU041DDiSfhR-UmSiBAGMlZrDSJuoI_RU-4VdyeeOOJaNcVQfhO18qWfndG6UMYxiuG1mCclRTDofWxWwVs9fEArWVP5DyKCsI2vLN8yjVkKfGtBp7p3bggThXw5DmwUZfbzBpK1GtKO2MFMTZhqO8AwaHELprbdhQwuLv1oelUXtRCOr98SI20EPhHtD5QBqtfAFUGgrh384a8dlLAszXxh8WbEJ39OOR0mYfnxrb34MzQjbDJERIzCYDAirAu1aQUtrUdJ7nPRo13l4DW6kFEH2K2hq4ASDIqwxwTC9NeW4O3korKD6_ThKU3D7NlWg8IhPYUp8r8NI95N18kH4THcNL41tW2g7n3gB-ZuL18tvlkMTfh7o7SdDiAcbxUTOxFch9MJ-Hkd2a9axgoDzJ2PKm5xvnpvx3xfJwQDOedZ0lgkV1_C2_LvbBlRb_kZyNMzrhGWmLdiRdCZ1BPInG_C-8beYaT_FhwKozeBnmncoaFaFWAsTHQABsi_TYnRGJHaph947IixUyI0rS9tk-KPGw0xvvgxz0Pg5T_FI37sozrZhBJGmB9RgOtSyZ8nZOrTGY9nNVz2ZEnIgZeK0cTHrex70gtFPux-Oug75PwDA98v-G5_9_1CyZ0uO-7hYZkxhPodevphQG2xJangecCTeHbqTOlVCdJC24uDqpJk4dd9Ymn6R0qk4VkJ6hhGUo5LmOu_PAkYWYI3_NjK46dIh2GS2ume8LurbYesDnwoR0mDEulnMR63bmQ0gkmINpeBxKzsm9NgpppkUVv3MYCqdYqXApO3dfyGT3VhOWZjaNkEPmaQ1v03tO4SJpNh_lBdi0Myhw7bP63nNSDCx_l78cX3PQkDTyct8mtboVNmOgLNMepD7pewvOd9yMz_CUlGr3psqne_mmfp7hH2Re9QjnYh6hVowjB6hgtaM_RLoFCxjG9kAP2qr4ETgeWGup-bAThxNXz2AOT2e8342L-g6yWoIRKV4Cw9JsbZ76Npc4FfLdsdF6zyDiTgCIKY4XBCQyb0NpHONRLwQMIXl2HTr56JaHNSh3DFWkTI_5f66dDCyLgKISlpH-yFhUjyZeaX39PXZFVapu3nFiA2DFJUDD4CDNDGQJYAjCjKquOa1hC0nNwMtXVJB8BeRNxTQQZgj41VYm0TMbO_jBXIvVCjA7rjDkgtDS-PAeLyQ-1LfHC55phaH0jI4IbhehaFJ6roZYaVbahgxSmNtgq2wD-EqXK5xurdxGbNyiYtWyPySMmV0H5QJICqw-BvZ6o5dhz_bpACaghieuA49JbUcd4a0ifSILNAfydt5Owe1BvzvuAICiZZGvshOdK4ZqfBIRro_QZpPwMNULEHke_okRLL3kVOwVN0mBPFTTpD08saCnindcxwENuiP6oTjibTjN2_PPXjKTsEu2uzBAS_uZMG2JJzTkTKvU6S0Hi2Y4fAZaZVCtUSsVL_OWrm2Qr1Jvo_eYUplxotjVFls2lKLmD1AcNewX-D0a5zisRdGac4jyRYl-6sKtGE_AsfsXXWC3HpoqBfdXJ8hQQGRl6JjKoJ7Y2w3CcYcHhnmgO_pdxWUZI7-qzVeKyr3at4CftXoPaiqoR0BB6toDaaLOb0AdA7ZYvU51An6Mjaj0_sGkDcE957qUK_U3TaVOvXa6RvEpNz4P1n5OJQ4tgnoCl_4cHaEGPnIeN9vL6ckKLxOoUe7dw9PzKlWBZ9hShTW__7Pf-vJoW4WRXYKyPRNw_k7GyUkJY46ORlpA4Z5BzjaApxxocl0ofYd-MQZsJQa124brwxArL7JCKVzOVIKDB3BJQyJER9pvWRRTKCCf5DhJN_XaNf_bhgto7l5oaKkRF_EO4HHvKnHIZPsPVurC3yLr-wEYTzbd81BqYo7r38wReBM5NT2ev4oS8l_GMrz5BbHsbU1Me6r656S4kJ2UuH_bK40hqPDRzbBKtlSc0Y1TdoA8UnjWfB1MItTNjYiQixJ_2Hz9Og17qgkOXHMuRNhmkABQtGJv5gbCjpWEfX9RBSPJifwiPEUWf4r0jPJsYfxrCyskYQvm-gPBqllvqRi2dwC67DC5UNFKMkMQul5RQkUzPwNRf-nVYztul7u1P19Cb_cUZG2RsHTXV7b0Z1D5JsBeMGolp6q8VeL-OuiFqyHmZE0w9T3oadfyElpfRv6Ic5ah9Q4WvzbLRPiVq-r-ugG0l9XxJaBPU3DrNeeqpaY7oNom218AV11IAoC32tKHcHTMTk_PBSpzsJWxB_O32o4EQBb1JYwryEvYKF4yvnkcMZSHHf4x8OV1ohFP-CDO4U1t18Vw0lPQ-890SKlHyz_i5AeKw7BdEMkZ_INAPrmwO9VO7YOcFQsCsWVChRlDn17lNSA3PXZ5Y_QNC3ETf_Hcd_8TbwaFB_zForcY3IMaVo4NMqdr4jEP_S22-vSZwiMzm_O1hFuzHuFCz8oJe-EO9Hy5BVdxSwSXyho_IsDN41cJ5m3O4yLJcJXYIhmkUYaT184q1KNdM7tkh8zVl7D45Xgvr8hN34BtCxTiLq3VpofIMYz3DaEaCwFx2NQtNDSzpIBNPYVD3a1oRqm9CcCR3v2MJVMdQH4oYhKgrK-PrI52sE78A9tKjjdVIw69qUfTnISw8k9iwR_U2hMph3KW-yl1tn4hNjXwDXRksiKEVeyLb924aEeA0-jyHAzRn0-J_yITLPHWwbcuu6Hs1y1JyGkOIKm8eS05yalX3Y3dXXGMm4WKpLSYBOmNeJOGjPP-hSC1CfDEVSeg4oQpT6m653vou2yP2uPVGGsF0Zt15IhX1FbMjC_&cid=CAASEuRo8txmebOZirl_2w6KIT1u6g&sdkv=h.3.493.0&osd=2&frm=1&vis=1&sdr=1&is_amp=0&hl=en&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&us_privacy=1---&sdki=44d&adk=4002501869&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.493.0&sid=DBD2B07C-131D-4EA8-92AD-790DD3DD77B5&nel=1&eid=21064201%2C44750604%2C44750822&top=https%3A%2F%2Fthreatpost.com%2Fcategory%2Fvideos%2F&url=https%3A%2F%2Fthreatpost.com%2Fcategory%2Fvideos%2F&loc=about%3Ablank&dlt=1639679197626&idt=2221&dt=1639679201228&ged=ve4_td3_tt1_pd3_la3000_er1007.1246.1166.1552_vi0.0.1200.1600_vp100_ts0_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.493.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.5.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wg-in-f156.1e100.net

Software

cafe /

Resource Hash

fc135b5c172643eaaa8a4bb4a7951d8dd419f5e760c0dfbd74b94f71dc48abd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13917
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bl-0af0356-c84a0080.js Show response
tagan.adlightning.com/math-aids-threatpost/ Frame 31DA 49 KB
21 KB 9ms
9ms Script
application/javascript 143.204.98.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/math-aids-threatpost/bl-0af0356-c84a0080.js
Requested by: Host: ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com
URL: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-122.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4550853c9c2efdab413d125621a72beac549ab22a67054795d66c7791b258971

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 14:51:28 GMT
content-encoding: gzip
age: 12915
x-cache: Hit from cloudfront
content-length: 20664
x-amz-meta-git_commit: 0af0356
last-modified: Thu, 16 Dec 2021 14:45:08 GMT
server: AmazonS3
etag: "6232504f3cf4940e0d2b3aa9e2d6c84e"
x-amz-version-id: R63xCHahTTTKZcFnIoPqbza15LNanK8D
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: vTkVKDs2mQObWrzP3qmfj3qiPsoouUePMZIvSlYeTZFB8gjXvHNYug==

GET
H2 200 b-7b120a5-9b871d4e.js Show response
tagan.adlightning.com/math-aids-threatpost/ Frame 31DA 73 KB
28 KB 9ms
9ms Script
application/javascript 143.204.98.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Requested by: Host: ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com
URL: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-122.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4658e1122a2190db712f6731d3e8c14b027f0a42bd7c1333b11d272f8e9ea3fd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 17:51:16 GMT
content-encoding: gzip
age: 10542927
x-cache: Hit from cloudfront
content-length: 28179
x-amz-meta-git_commit: 7b120a5
last-modified: Mon, 16 Aug 2021 17:49:31 GMT
server: AmazonS3
etag: "c42a7ac1ac405f3f0cad04305cad5553"
x-amz-version-id: HCJNSpgvHPkSF2.YDap.Qx6PnxOllH79
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: 2W7u-ItISp_4EVA0kK8rT_AeE_Z__XPftVgVTYieA6_fuzH_POnZVQ==

GET
H2 200 css2
fonts.googleapis.com/ Frame 31DA 4 KB
1 KB 40ms
17ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com
URL: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 16 Dec 2021 16:30:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 16 Dec 2021 18:26:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Dec 2021 18:26:42 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 31DA 205 B
229 B 23ms
7ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com
URL: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 15:27:48 GMT
x-content-type-options: nosniff
age: 183535
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 14 Dec 2022 15:27:48 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 31DA 604 B
628 B 9ms
8ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com
URL: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:49:32 GMT
x-content-type-options: nosniff
age: 92231
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 15 Dec 2022 16:49:32 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/ Frame 31DA 19 KB
8 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com
URL: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc7731959f24eb86dc0127adfa88c91e71d68b5a0c958dae09aab1b34438256c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1246
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8346
x-xss-protection: 0
server: cafe
etag: 3177319193432224586
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Dec 2021 18:05:56 GMT

GET
H2 200 vpaid.2021.12.06-18.16-53fa379.js Show response
static.adsafeprotected.com/ias/v1/ Frame 71D9 176 KB
42 KB 28ms
9ms Script
application/javascript 2600:9000:2156:8000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/ias/v1/vpaid.2021.12.06-18.16-53fa379.js
Requested by: Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/vx/static/w/anwrapper-1.999.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:8000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e312fe44084e2176996cce5ed30521f8406a8fd92f513aae8e519088f07f1e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: hyJglT2AMtiKneQgCKziicxwLGehBl.d
content-encoding: gzip
etag: W/"a646de29f94b35023f777c84e6559a47"
age: 82976
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 08 Dec 2021 16:04:48 GMT
server: AmazonS3
date: Wed, 15 Dec 2021 19:23:47 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 3HOrLc92SFQ9-ZMHV1IRojPt57P1sYzBhQberk7SbOY823uB4Cf_Sg==

POST
H2 204 pack
rb.adnxs-simple.com/ Frame 5C70 0
270 B 14ms
14ms Ping
text/plain 37.252.167.198
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://rb.adnxs-simple.com/pack?log=log_rb_vpaid_wrapper_signals&format=json
Requested by: Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/vx/static/w/anwrapper-1.999.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.252.167.198 Southall, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 53.ratbait.prod.ams1.adnexus.net
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://threatpost.com
date: Thu, 16 Dec 2021 18:26:42 GMT
access-control-allow-credentials: true
server: nginx/1.18.0
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
access-control-allow-methods: POST, OPTIONS, GET

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1D3E 499 B
799 B 41ms
20ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLrx3QIQsPTiAhia_bW3ATAB&v=APEucNU40ZCWMaHdrEg2aZvCo2KhYeCrED47XCtZ6r-jpBfrX7oK2KWdr2B8Js7k3lh16rBzFoJ2lBxpvum1zDe3xnQ0BNf-A_A_H-ICQHZ3mpTU8b03qIQ

Requested by

Host: ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com
URL: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ee2a16d4f8f9629ae75e0f94473f8601a4e0bf9527ba4467a094926e0947505

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 16 Dec 2021 18:26:42 GMT
server: cafe
cache-control: private
content-length: 237
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 16 Dec 2021 18:26:42 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 3807 77 KB
30 KB 94ms
78ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C347Yy2CBGBU3DoxlsQSB15Mqymm0VDtZvLZ9-jE7N_yOXhGKSb5aqrI-64q367GWPLEtjd_qrz8As57i4jI3YCfePkqpNmxASXRxTBwzVOg4pWIFWrHgl4NEECGAlc13ppHAV3sy-Qb8TcjdK3J3UFs8ujQ&dbm_d=AKAmf-Am3-YwjwmVyKRIERfTXhXSrTcurPzxejmpVsA4ahJAMr3YfJBWqcFd-iZkTEQAOPvnrkpFu_tM2ed_gMebTh72DWBYJnPdUCQlALJqPAtweLZLbZ8QQui-Lof61mWJxcDxDuIG2dbZr70eyLZfbsJZ_m0Gq-u35sGf3uOk0h_S7uCIaf36jV6S2-3DFBo0Uv-VdWXqqyL_MW9MEHiaFI3sJGlqi_9_q_P4qG_aXcSxCCZ6z5zO038u9WN_ymc0qgLCJLIJmJQf5N6kQeH8ThOXSWR3kFSwyS3mqib0Q6jQ14eNdof0-Q9ynTPOCHYnad9iC9SzPYfLKq81MmxZevvZxX0A2Dj17t8X-fRhSePfCxYImcTbtelxRvwDzNmIueyOlYawW14aOgCTxf7NIyw13bkcVlK82nhJzyjt9muqyXH8E5pMBBpwxjQ0W1Ey0URWCIY5pxzxak_i3yYWUYeWJyibEAGZxY1wGcZbWcDALOMUzNyH4MXwy_CowrWB9evermLZYePuNyL5CMHUdKUExkOCQ-kdGQQ6s0Fi-TL14UbhVeDr4RuWWl2AgIgPeiRjLk5yxpjV4xhHqNE9nhukXb-sMLVktEqz4FY4bZ5ojdMpY96kbGn0lHOohUHmfxN--oLcyCfJBVc0Tf4MivD3Dodg0W6295EdJJi0wKRDJNFCQKtmMdWQ-mFe6DV6z5c2e-8UMgZHx-LnSyF7JcRU4wNbNTlrQn_9ziAXRLrsPdh72UO3dypHtwPdSOsWHZk4-0NGWD2xfG0Oi00EOAiiRyclrjwdIwxNY-Vc-eHhh5iig0mGtxAikk2EcuMnxQBBDI5VyS9MPQoHuXSZRPIgCVauhXu-tqM7wjQrgXSQE8OrVjH8y42fhtWYMyDtH0nYBhEWfTDwaWCsMOBSK7Sz8m6peFtylXkiNcar5RaX4Tj6sCiT6jShen3hc83ArmnSZqyMAbWvb3yXPDfZvjMhZN8EwkrP5Aqo4-E4Ac9KzR7XjTWMbWlSktzgIZwhJas-vz8jBuA10jTX-aK5tR_UA-r9DINQYfr33MoXP6L_A7jwXfxz9O2kyyuuaCHZlFzP3CL9WVc1CGCF8kAcLwSYLXhASK6GulhnZBH7AwuRSvBk4jOqvzKZYKLtThTETBLB9XCDScf8rgzoMTECEUov5xFSFb6Gfg94Rr4TPts08PzNRzx0Zp-TLtkQi0FnyD3he7x8_e6W3E_Gdhvs0L_4itfGEs3A9ZSV2GYUcqoXGaGGg5kC2L8LPtFU_4aTXvBPsG_w5fKQjGmF1f96pUTpVVUFxpjaNjKj3EbNjUYXN90Bl5XbtzfW4yHDtXgHvWmxnV8rmbPwTmQJ2UCqVIMQi9z5GbD7pPu_PGWxU_QWOuBWOsFRdSKqFMDGxFgz3lnIaRTcqg5a0GemEWPENaUwr8XH_coTYhf0mzsz2nNpOP3fqchhEk076JKruTb_WD2_3w7p6_r8lakTYSFbypgxveO1fDAAF0y8Ea-THSzW8n6H9htdz0NOmOGWQbqYaBtyE6t16xfNPhoel_Mm9Fb5OwDa8EazbFJCSiJxsfT1j8Jw5QfIgQAdmu8UbQPcZfU3w2uuyzPjqdGzV4Q_qWEhz2kADPSS4AmE0FfMT_6IaI_kjvVNhg9CgsLlj4NSLlGySq6h0Qc3kVl3cpdn1r_f09Pxz5NgKaVfn4ZpvS7hShi8pH95MLtxDmOx0kVpf0sC1aZVNKtX_fgvfE6dWINb0WP9KzuSJooexVQYs9UR9JQ5Zb6I3ANUYnMxAD5hOMOkyDFrvwsO_r3KS9_IaIP8Gmc7fPM_P6J30Bpjp-Q0KwhBRQF_tCUqwPCKWNvq6pEUe-MzpWtx2Lxqv7tqTunxWOvFA1PUhgfwe2hOgbuj6egnEdZZ5CER1YxEFLeWnF6WpxPdRCxGzKZ0peWcG8Nk-l-DSCZS4sBLe25E3Z2McO9-x5kyrsQyIMJpAJ2WH9dVC-7tn6rlf9BDtP6xHxxMkIdfHdGHaaDmRZnZsWD80TyPWirwR_Q4lZ9Teubxy_WUcI3zfsOMe1vRTdFRKKpp0IxPq28D9WMOMZeG4Sv4ZkaZwk6whmgk1yKXCCxP47Megm8l3f2TjI0SNuCUp8KlzLknhhvRi9PVGKc4y3AlxhnI8NqVgNrT7P5jH1e-XmnfymtGQU8ZForbVi6O1SR88upsil84fW-j6jIn7n302TTirI1-MJPtFv37RYJ5-C9rIrEwN_Ffazz9ews1m51Z4ZuWR0oCRHwN1Zsj_x9VBuod5FNqQjbxglo708scdlhd8m7Tf8ySAsscgG3vN8MthkrZoNFuoXBLz3gpXOZh5o0rW6bIQdZx9vO_Peg0maTeYEc--lm4hfEIJxRLSQ0vhq4S_l3JjIgCVV8ehRqtg3XTCH3fRn2kQe8sNmL7MqtnJV77zzvXMrFPUHX5ziUwhUM-45_wLALMVbMMUJw4miAYK1KRXyCEqPtb4DO3sOmbSyy4YAswad6m55OMEsHJzoIP0caTN4I02M3UO09M4Sgcsii6PnX3xH71Z_7eolcZMD_KvW-AUcv24wPiwZjlcwTajK8hvOIUNj8EZrKymzvoqYOJDWZgPznkxws__ZeubfA3P78LUBqHGAL0lOsY2E15wD5yhaUxt7QMDldwm3zKJIw-7k2DPyVcD3WYJVNDChFoLCD3Y_aeuPhrV2LSyPz3lWgG28PvlSPCN8tMSks9Bg909-0ddV5_SYzaXprcLeX7W7L89wVt7mN1sD38-4SJb_QJHV5Gtg0C_4zEVznRxoZydk40w-u4WjQqJqMYebRBZx56wcX1Fdr17dctdZDcfPP5uELqPTcV4u9FnP-X5gSfNDRSb10c1zK8DrQ-l8JDWnX0qa8ptqK1qpp0iTYlXWLGaN2dG8BZ5jPtUcAihvijERA3SMkZUuQkZXHq-Esx6hWcSJnqZRD4zEBtcBgu0pH59DzBd2jA2DB2lnLOi1MRbPo3eNtJWzGr34pC3qK5ugZNQjgTDHddTuwL3Rhqa9sPE9A-Lu-VG3twlpz3HubITNPyq5FXCjLcKTQlbDEenrZo4n4PK2Ey7J3gc7Ofr65qBn57YDKIGKkVWHSA1SFUfhW5aUtyMU-82_OzFw-Q2Qu1SJObjYJuUg1cp29JEJnqgtNmQNvXWkoGgSE99smFz8Ob_VpPVjzQUs3j7b2tRGOCIui7oaWEfCHcI4OqYg&cid=CAASFeRoWWKFmqJ8NLClbNoz0FFNEEIonw&rfl=1%2Chttps%253A%252F%252Fthreatpost.com%252F%240

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb994cbfd9bacda685942e9ccbb54503e966ed52fc17c93ddb6803ed845e321a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30967
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame AEBC 499 B
258 B 19ms
19ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRDDhCYYpPbdswEwAQ&v=APEucNV_dECSCJVwfjEGSGp1gxfOfW8I30l1yPMz5q7jkdC8aXjs1r1-uI9br7wSJHSN9iCypsQQ1MjQn9A5YeEYe4B4SOsWdHb1XILJ6MrURWGE4rBCxao

Requested by

Host: ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com
URL: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ee2a16d4f8f9629ae75e0f94473f8601a4e0bf9527ba4467a094926e0947505

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 16 Dec 2021 18:26:42 GMT
server: cafe
cache-control: private
content-length: 237
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame F85E 44 KB
19 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B164UKYeZQ8TXkY_KbY1ifogCh4H_ncDbA-CLbfsN3asiOloGfDVqAPvnvIbmAKh0WtZuVyUa4Ocdd5EGD3hyWiplaGC1FaJNXWsr635d5JofEZNaUWSOvVw5ldWRKiI2v3qUs8O-F2C9r5uV-vjWb_7oziw&dbm_d=AKAmf-DHSLarVIP4j5Kw50AZrLVPjoUFZXlqlGQKXxZ2mgFb2SgUhQbJrsfCJjORqSwqTFg8L_Ji0k-ZZBhQIwRamNVOIgBBDCEKaLJFySxrr3YNVomLLMeBE2pgIabcnfPZj57F14ggGxIoAH2d9WiWJcJmQcDHvwqjxEncZqQ4dOKoOWr06HEExBie_lOWXqsY2dJClzyIFiU1cqR9ieyjEMwkErwn2bBu6UVGbw26VetZeKybT66dNyTDvVSkKGJipIGGpR_H5CkHdtoC-R2P50bERskPmKF7Xhud9EcJPIu-TI2QtdWmdOnF2oF2vqtE-1Z66EG65RWqtekuWWbQD-isF115D7-45k5FZ4xZM655q77Zi7-nZBe0fPJd-WPQJjbQDqBhxk1vtJ5y21lDhQlUr4ClxL-BTgztFUbQoYbvp2WUqqb95RFjLCBJq3Fn0PiXk1gOTpd1NP6ftAgzecPieNA7riXPKXQknloc0kH-8Tu8Np5iswF5Y1-rvYdra-Z0gvHaO8wvO1MmD7Ag1k8ID8d-0KbDPM2TAiCypi0ErLnxg5VX4B5fZemlXyZJj6qLLbym0Tzcpgdgoq2oewmS_INZXSDVN1-RHwes1yaVeZzEmaSYFDy70cC31IeVqOJM4JoumWRV76tBl491kjLfp66lR5z3mMPevZg-xWtJuXGhWNsLUHeln7IqjBMYAEZTFjaPnK6GXqjUS6MuVk9t0iDdRBFPn1B94SzMBNZbo81zmLK-kmWzqpUqMhl4UAoxn9pO9aZtr3kia6Yz3z0oPyVgtuxPt_B3Q4XItnkUgVrEa05z-qWQT3zx0OTuh8-ecMbTAQQCQOuNCMmGw_9agjVo2hXMa8ET1izb411h44ZUyuue7y_17uf3e_PE11-Da4rvo0uDR52x4BbuqavXaFpvMMuwnRy6oklrDoICO3CwCd_DH5Z_lZKME68XlBN5sR7U2U6qUqpatWUnIkHLjHzN2tEwL6m8a0HlK1741SNd13Jw95ZCyfUtf_LhLdD-qeE7ScwslFQ8EOZA57IRqMcmBFGUUnUxxD7_NicOyjAEfHjoyI3XoghqAp_VUbvw376rKX5lKjBhKckVh0jxR0C2i5MLbo2EgIc5CNqjJeFGxevARheZPcy-EpBOJMZ9aXSsS0ka7p4HCrPjCfAoIJ6acaS_IOnz4CLwj_vAObV6wBY6gQOPXNKu62993T_X1wVmrrKEktwIpPojraU2k-M62FB31UOTdZA4X_Tb7Lt2SOowqA01eHKtO_Ki3CCdQF1bumpuWmXN0clrw4V8slzmRG_RfPJ78AbG9MobwtC8LfVeB6e7jRbUS0LCYNjEr2N3xVH5VnGo5S0cyQmEK-eh3tPMQWH8etBWs1b-r2Ylx_7s1Du38nCcdzaBH9iWrsuyHg_Y8I3Z-UOCxLBjaTBbVHzyAvmMRXGUU5GbArelpxBhhWs7ESTOztmr9gZoIAjU9ElRgtxGM1jrt8twg4fDK2mWYdH4H7TrvuzK-aZSe2Vj--VP0o0zFJWfnsv8_dccvZhf0fhXhR5GxvAXNq2K0fNS4RFK6txq4RgZ76RNXPsefpvbA6cCZygnVDNfoJwhZQ1313cVPq3O6VY1PzkxaV9OY-DeR0aGediB63RfWXq4t6-19XJntiCVwAJlnrf8PeGh1Puk463cyQmtt9CsRluFHajxA1_vMEmAQJYn_cVLMn0TTxGuAVrQzLtDYQl40Dqqb-q7QcHsfXN7WRzvc8Lf8uoHu15lk2rR8A--NxNiAuFuf89v4cpup_HnUqMbwIfl4RE8gZLA4mvGWXVCwlCiJ4jUJ0fe6d70S9UE53Oo33Knb3kSflGlpzcKNhtoDgC27ixeCiXYH5jITkPWhOD2iQnTzyTrUwEfm0tERFHAMCC7c9ZuEIkeTBLJAiid8bD8jqW8cARnuutvIOxgLYiQBI3X9nMiY3__FC00jE147aMwK7hd1QRcko8EsT5fdB2XOB5gi8f2cIQzt7zPRdx1FH8aVYJHdPobkLCETBF-Eq1NQxoEm9ck2p2sWIX9KESBkqaKO2MDHlmGirAskalx0YSgPzTDPgaVSP16m9FY-73mVYjlIBQkJaJP7jyAifoK5eqzEeWEUFuoSYfQDy6uLyapBCf12emnllUgCVMsb5cJp-1ARGdrw7B2_3tX6XkLJOEYaFSEEZgxdRgF2T_8VBJ14e-mGaJ-T67RvlTor7WNAObkorWF5K3IdrM_gP-gpiWFHedXoBg4VlTEf63kK8E2PBdTP9wbxDsMASyp09vtfS4pR1aEf2UYpC-YNCoHYC0e7q6buy_c6q6bZqsncBVGlgdv0L2UFaUeXEbazBjO1ccvCsCpg9pcpmeDBJ3xFbtPxsDUvdr28B_bOk7mYGw10cshwer5rl3R4eokggmXALmlyaL2-w0A7aVNXh81ijZS0L1mkHU5Mdwz94-n7ucb2ReJzDaN21OzdxH2zIyTO3sViUJrj06-NOvUXt16o7oa_pGoa2O38oIXgJa1ZTjLqLsF2aovhLJneDF3ywHHf9dzeeiojE076o6mz3uRbITTuq-oRzDQ2jHCUgYPSAiG2PgorRhG0oWA9b1na-ICfY6he9UB6QutX2aROQIsNSPey2BAAUmobcOjUI834cXC0kwaVByjE5_hYwqoolZTrCPoGGBvM0pPLFVzOINGTgKWikq0_Fb2sI81EyEt5aidaY2dSB62sg3buEOM2TBshnZvJRlNAChvwABUogImBmP5qXP7Im9x-WiOk3vsVrdqtXmdmvnskTnDcd7qrKqskBmCCXWHsNubEouYOBhxmdN7Die6rtI07k7rZqyqlkBXO1lMCW4m869HSheN-Zj4dqcdshPfgiFhh-c3r6VbeIFO_li7Zjgc8iwsfDo7MkKuvntIZEZtdZqsX4n3bYmRMY-1dqyNc6B8WsZ57f-FnxQ6kgjpySF4iP7-EtAe1qTCFaLjLr1U-FXyPqQUezwUQZRy45fgvzznIboqWvk3i8LaZicpl11HnVyISURMEX12b061ebYk3pJiKgdwiInpvOFYF2FYWskNhgumMFZJrw1h0_sYq7ZCUpw7-2TdFXgrNKmhktBOcXuvU2jZc3tUOSbqjKbJI7aKRNOFQDjdm4I3cEWqz8kyrTIVB6g8XUDQ5vscqqdcYM_pfRM&cid=CAASFeRo5RK-OozLOgL6czxRpqtV9inZNw&rfl=1%2Chttps%253A%252F%252Fthreatpost.com%252F%240

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb3b069d0fedffb1837cee85cb7eaef62742d71889b8b0d3d29bca84d0d3aec5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19129
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C546 632 B
324 B 18ms
18ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLrx3QIQsPTiAhjDnLW3ATAB&v=APEucNW2mxGnIghwXFRxJ7NTCwBKehelQX4aYz9-zjoeHy4N8_K1tVY_5t9bHESlNXqQs6XETeiFa1nNcVDwlmjN1BnGW71SEssx8H09HVyumhayjlZC5vs

Requested by

Host: ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com
URL: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e34f3c96e1eae99e2fc8b8f0c8f608bf3d8822872bf36246c4360a024a8527d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 16 Dec 2021 18:26:43 GMT
server: cafe
cache-control: private
content-length: 303
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 0C47 78 KB
30 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DRgc02HuUuVQ6mWzIIycVQ2SN_bwRJmievgggDfwwV5f70dPafLA4-0RgWU3DCxXbJHNpsOtWnlQoWeAtJ47GCUrZ-TX3PtkpqOGUv12rooGLKWv9Hu91_sERO0448CQmC1WS_yYWht9BlYKD2xqaKCf1FUQ&dbm_d=AKAmf-DoT7VKRzhctm0uwprQTEFMj_g2Q2S9iBZ_7P5YeabzHPEgPakuSurquDFlpQ6EfSqIOuKuKf1Kq9R34XS9G9uDsKN3iWwhEuc74315u1jCLBwTLHzbaZY-Gfn1zRHG0Rn8hbkTSHvnaNcpPlVzFluNz6eMvOIinozG_8_4x5LaJGhXj_TpnYzyCUZeVXI-lN4YqbLpG13QJ4d3vRW6dbKJKajOiVnjVU-ZbhiH1x8tcXcdeNKH4VO6ErE1y9cNw0HaON7z5wngC2bMtherr4vd76GPzytGLhawmsLCa8-Aa6NWpkO4pJLDcMl0oQxH69tIlCvYYJJEnqdSCfGZ-JwUS5fwZHIqNDuEi7B7KOfEF1hee4TvX8kJBm7YgCsK4c-fGPjfelq1pSdHZLNV_cN2Qer13SWSs-vXorD3DLSmE65n9u5ctZTn59LuH73iDwPvzmRNl10-p6bVKxbMFwlYjfYLdxAIexOu1PjuPcESCWtoc0x8mUzbC4aw3A30bar5l8GTa7-nwjRFPNoekmo2eRCM0tTfptPtSHQtWifpN5Lr8o7Wnudomb_VgpdSN2s0Z04oO5ltscogKuTXvkXstip7EDFwUrz9VUFAqGKzpZXRWuudw_OVvy1MlWELtnkMtrSGu5esClNuw2DaBUrlCaTf08I4HnTsRac0ydPPPXl_YJ37_KX92CSj8LkBj80dhoON-EU9zFd6JNSzUOT7eff_UY49JZah5i4ZPzdgFujxHbpWslpE9pTO-IDVvFyPOf-ruye-izo_8PGjgwcqMrEhmF8MLj361HBRYlfphIZQaVtAkZSO2HWbJLXjasRCfkmZ_EF2qrbpEJCbgoKaQLALD8DHTkHjNL5jarNfhI-U9eQFVCEWaKsLlcya9LlEWxyctEqvMzbybHGRZIoof2NoXlB8br15hEzReLu5E-7T0Gu6iDrS9hT9gCGtfRrlFCDG7TfPJAxt2t0vruSwf8INp9A5gA9BsEOHdelCklGEyyYxcvAwTySwDR75mI7U2NOuUk_E6I3-wLiswICSffxtDTGsUJxSDtNKzZyDYSPduTmwK9k-Sj7j779hmMu3djgsmsFXN6lej_JeNmKfCDNQotWLohTPS9R1ukMZnHuDaF5DljDAiS6CdxW94jtNTAPl5c-KxsRBUfWZB3dUoVu39TnjjeloCh7_EPav_FkBqgnJzDEQhbgrh36ljx0SPZYPKzgCBYDYmo3Ya9qtttsZ6t76_Im_bJ06leUn6vPxg2svyh0dYeag1ujuUUmp8cZ1EkufdaymN0mGU0BhRswnL4-YWNmnp43g2vqC0DwHOpr28b8HHX6w6j6qWIIRCHqcZM5kIyuch9h4i7lJhn3vj0P3NCxR0TniykiRAQwK8HkXKmBkQc0nOI47Yu_1lIgrLrz64Pq89QjpYKWrqgilZwqf7jJUVqJrDWxbAeTn49a642NwlRik_1h0TWpCFsQZHwLRp9797t7tY3SxL_CawWKN7Xxc_7FhGDsg8kwCzOjRzrK4R9fh4ZvoymmwvLVuMMnJFzjptZ4W3wIL7fa1_tukHOgV1uf5DeU9gpyd6CJ2BtlL3s1Egx1r7oH6LWmKH8NFCn1wW_5OlA2XWIZpEvtvVLg4R7kahfnplQguT2vEKzEZItpVpah-2bfHuKPJeShDDYo4MK9ftqmdAvEqEo7lrczUJVoPmnPelA2KqV7viSeX5F03DENEE9g1brD773Rn53gRnHscvt-siIORaKzpjGc8cn-IfCGhLV3pJ33FG_30HMw4C1nTf5HigmX8tHe66XlWUjJrQoT4gxLswiz18PPI1mw_JV9qeXijvogat8MFlhmIiWlreV5ydaXlPLVQf4J5L06vG1DJEpB_g1K4xksNL5ZvgJPaS-YThZR6p_UF7OnvaXk7cImZX1xeKZ-DnndMbKOZV8H6AZq9l3oquuZ8satmj6Nm6BSgu8YIp_2VaACA5cZxEPnaRaNKIzUP5K6yDGspB-Hgw9wtoHZ9flg6NoHW9JNcBxsrI0bCeOss5LCB2wwQdT62HuThfWiYE7iueVZwPQrLelKQ7yqgVlmjkA3iLu2Ydr6hDxIyFJ4YpDV8_rFyjNFmfLwIS0nXJKYsQGST8G0lpKsqsaLPNo1vQ6ofiHsWhsFBWRRA6je01nyV6-3lBZ44CDq60pQ8BxfsAc1tE25xITCvVWwdoLAmTYp2Rv1qu785TGkCNuU6-juTr2JxTyBFbj7sd0gH90yi_pwcz3gX5ziSfT4fkS5ogsFAhaJ6bHum2-FCkBkEPGRrVHvsN2Hq-JiqDabh5ubYcETomPY75j57EMS_KjeYm9_ZDuem_DWZnSyHyDgsb8D0QCOC8ZUlf7D8u6QSyu4GPAyJx4uWeEI44K3mT3wG8TFlggej-aslm_VMExf9X8ULswpZGA4RyFV7PsAmKLQoMhlmcK-ziyvv83FzdIxZEhV2GpD2JXCnp9ERzgCLPzPq0lAaLiLnQCyMTZGdIZKFSUQcz2zniq0-Z5xvgXx9FT3Q6qLaFQKZux-Ffx5lQM0bW4O8m90-fEut3QusdyRBOKHFRF6pPKI20l9XJjfjeGh6Rvm61LeKWrK8fq2fHpjHXIXdeZsSyLEo_n-IE9L4CwHxLL0s8Nx4G5DRfX6nfhSNgR14re2X4v2ZTu8DQcSmFqSciXXYFSUYvi2bs0b8ddGijtt7HPu1g8vtrlQ8qY8dwLM3flBLGN9BbxHso5Yg3UHJvZx6a93yXxEJHzkGgJaenTFCtU4_lueyCGY2EBPuRPn5Xkcgrl8sXTh1cUm6bosGz8K6Kx0p5S-8SV0M52B-jkSAzn1N9DyegM_lgc2WmGnlgM4MmIVVxEA8VZjj8BcH8jpfIcWDpvPlucyIa_87NSkQURxktfK72jdsLGn4RVMSjsnErJXiDLCnpECBZlWEfilq7GplHCo-x47OOY2_BBGNzkuPdEVWt1_CHly3ncfXKYQeGXAT10jx7mPPlIHRsbib8xyBLYeNU8iIuyaoWSubyfGve7qgyCB6jjiqcLCvMyvsbdbsxB-XE5s-HLLvUAI6PF7EMGNvt8gkYq9wsDtQY6J03al-6uMZt13spK8gNIb-Blp6X8nWb5rvk3fDR5OBYfOITAXxWeQg4C0XOKunyGqaTxRGDqGd_JaPcJRHE3eD_hsFi8LhsaSx_mOXEtVGAo_Rg65SuktSW7WC21JL9Fzxfg&cid=CAASFeRoZbYc69eZKJ6QbKY6C6AA73FFqw&rfl=1%2Chttps%253A%252F%252Fthreatpost.com%252F%240

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54f0266d1c4ff78fd1602bc51e0f6132e279ff26060c75ea4c8023873a8d1eb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31157
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 528B 0
327 B 499ms
181ms Ping
image/gif 2607:f8b0:4007:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kx9anrrv&c=8761236955789&slotId=4380618477894.5&qqid=CKPL3IL56PQCFXIRiwodNYgBWQ&gqid=4YS7YfHkEc-W3gOXirigCQ&fb=ima_html5-lima&sdkv=h.3.493.0&mrd=4&aab=0&itv=1&eee=missing-element&bi=missing-id&wta=1&ghmsh_eids=21064201%2C44750604%2C44750822&vmfc=16&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.493.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4007:815::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:43 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 6C7E 0
733 B 41ms
41ms Script
text/html 185.33.220.216
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.216 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

872.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 18:26:43 GMT
X-Proxy-Origin: 136.243.198.81; 136.243.198.81; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 0397a0fe-9562-4ce4-82f0-4ec9ea3f8364
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/db2/video/906389/59213328/ Frame 5C70 40 B
382 B 95ms
33ms XHR
application/javascript 54.171.208.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/db2/video/906389/59213328/skeleton.js?videoId=8eca2b21a640fabc142cf9146e7f5592&adsafe_url=https%3A%2F%2Fthreatpost.com%2Fcategory%2Fvideos%2F&adsafe_type=abdq&adsafe_jsinfo=br:c
Requested by: Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/ias/v1/vpaid.2021.12.06-18.16-53fa379.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.208.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-208-149.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 2d853d5c205e6bc73c9928255af1ea931f948c6f46f607eeef92935f37f72f5a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:43 GMT
content-encoding: gzip
x-server-name: app01.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://threatpost.com
access-control-expose-headers: X-Server-Name
cache-control: no-cache
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/fwjsvid/st/906389/59213328/ Frame 5C70 229 KB
76 KB 126ms
62ms Script
application/javascript 54.171.208.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/fwjsvid/st/906389/59213328/skeleton.js?videoId=8eca2b21a640fabc142cf9146e7f5592&apiframeworks=[APIFRAMEWORKS]&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstJ9LpK3cHaWDxEeo2QXChXSUNnbZIjtlKlDAjM0l9A1GFKsFzNNC8ZS-zsP_NaDuIwMm7UsG8bK8zjLrdgiahWBZ2cBExpDmagnKKm4c6PkMn9BRx48kLsRVkpNv2dKRr1EK5IwDIUuwJW5ABY2fxMIA&sig=Cg0ArKJSzD3NucuHPGlTEAE&uach_m=[UACH]&urlfix=1&vt=13&adurl=&bundleId=[BUNDLEID]&ias_xappb=%%TTD_SITE%%&mode=strict&mon=59213338&redirectedRetries=0&vastVersion=2&xmapp=0&xmtp=v&xsId=e319f736-1799-4338-b23e-46f344de5046&adsafe_par=&logTestResults=false
Requested by: Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/ias/v1/vpaid.2021.12.06-18.16-53fa379.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.208.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-208-149.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: db3687a4faddad63843209e90b44c01a27c81c9637d69a9f81391d1e4f968393

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:43 GMT
content-encoding: gzip
x-server-name: app15.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 204 id Show response
id.sharedid.org/ Frame 95BE 0
213 B 505ms
171ms XHR
text/plain 54.218.247.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sharedid.org/id
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.218.247.33 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-218-247-33.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://threatpost.com
pragma: no-cache
date: Thu, 16 Dec 2021 18:26:43 GMT
cache-control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
expires: 0

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 7C4B 2 KB
1 KB 26ms
8ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Thu, 16 Dec 2021 18:26:43 GMT
Connection: keep-alive

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame E6A5 668 B
730 B 22ms
21ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.0.0 /
Resource Hash: c8dd1e23a5f23ccb19bdaea981242d126f2a1f17cb51583b9c150a23f931569b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/17.0.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Thu, 16 Dec 2021 18:26:43 GMT
content-type: text/html
content-length: 418
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame 44F1 668 B
718 B 22ms
21ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.0.0 /
Resource Hash: c8dd1e23a5f23ccb19bdaea981242d126f2a1f17cb51583b9c150a23f931569b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/17.0.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Thu, 16 Dec 2021 18:26:43 GMT
content-type: text/html
content-length: 418
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 864B 52 KB
17 KB 12ms
12ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Fri, 17 Dec 2021 18:26:45 GMT
Date: Thu, 16 Dec 2021 18:26:43 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame BA1C 14 KB
5 KB 18ms
18ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=32248
expires: Fri, 17 Dec 2021 03:24:11 GMT
date: Thu, 16 Dec 2021 18:26:43 GMT
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 9E9D 14 KB
5 KB 32ms
31ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=32248
expires: Fri, 17 Dec 2021 03:24:11 GMT
date: Thu, 16 Dec 2021 18:26:43 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame D9A7 2 KB
1 KB 26ms
8ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Thu, 16 Dec 2021 18:26:43 GMT
Connection: keep-alive

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 4F08 52 KB
17 KB 21ms
11ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Fri, 17 Dec 2021 18:26:45 GMT
Date: Thu, 16 Dec 2021 18:26:43 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55986/ Frame 95BE
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=
https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=&_...
https://pixel.advertising.com/ups/55986/sync?uid=YbuE5QAMZMCMjQAz&_origin=0&gdpr=0&gdpr_consent=&_test=YbuE5QAMZMCMjQAz
https://ups.analytics.yahoo.com/ups/55986/sync?uid=YbuE5QAMZMCMjQAz&_origin=0&gdpr=0&gdpr_consent=&_test=YbuE5QAMZMCMjQAz&apid=UPb81cbc5c-5e9d-11ec-b14d-060408bf6fde

0
624 B

11ms
10ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55986/sync?uid=YbuE5QAMZMCMjQAz&_origin=0&gdpr=0&gdpr_consent=&_test=YbuE5QAMZMCMjQAz&apid=UPb81cbc5c-5e9d-11ec-b14d-060408bf6fde

Protocol

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:45 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55986/sync?uid=YbuE5QAMZMCMjQAz&_origin=0&gdpr=0&gdpr_consent=&_test=YbuE5QAMZMCMjQAz&apid=UPb81cbc5c-5e9d-11ec-b14d-060408bf6fde
date: Thu, 16 Dec 2021 18:26:45 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

204

sync
ups.analytics.yahoo.com/ups/57304/ Frame 95BE
Redirect Chain

https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true
https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UPb81cbc5c-5e9d-11ec-b14d-060408bf6fde
https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UPb81cbc5c-5e9d-11ec-b14d-060408bf6fde&verify=true
https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVBiODFjYmM1Yy01ZTlkLTExZWMtYjE0ZC0wNjA0MDhiZjZmZGU%3D
https://pixel.advertising.com/ups/57304/sync?uid=CAESEGQoUdcvjd9DF_Z1KSvxuN4&google_cver=1
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEGQoUdcvjd9DF_Z1KSvxuN4&google_cver=1&apid=UPb81cbc5c-5e9d-11ec-b14d-060408bf6fde

0
20 B

10ms
10ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEGQoUdcvjd9DF_Z1KSvxuN4&google_cver=1&apid=UPb81cbc5c-5e9d-11ec-b14d-060408bf6fde

Protocol

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:44 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEGQoUdcvjd9DF_Z1KSvxuN4&google_cver=1&apid=UPb81cbc5c-5e9d-11ec-b14d-060408bf6fde
date: Thu, 16 Dec 2021 18:26:44 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55953/ Frame 95BE
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
https://ups.analytics.yahoo.com/ups/55953/sync?uid=81af1dac-941a-4a28-8cd7-842422c9914d&_origin=1&gdpr=1&gdpr_consent=

0
124 B

31ms
10ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55953/sync?uid=81af1dac-941a-4a28-8cd7-842422c9914d&_origin=1&gdpr=1&gdpr_consent=

Protocol

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:43 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:43 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ups.analytics.yahoo.com/ups/55953/sync?uid=81af1dac-941a-4a28-8cd7-842422c9914d&_origin=1&gdpr=1&gdpr_consent=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 267

GET
H3 200 css
fonts.googleapis.com/ Frame C8F5 3 KB
579 B 31ms
16ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com
URL: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 16 Dec 2021 18:22:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 16 Dec 2021 18:26:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Dec 2021 18:26:43 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame C8F5 1 KB
880 B 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com
URL: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:20:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 353
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Dec 2021 18:20:50 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame C8F5 19 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js

Requested by

Host: ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com
URL: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:24:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 119
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 5333878705136318229
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Dec 2021 18:24:44 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame C8F5 2 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com
URL: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:23:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 202
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Dec 2021 18:23:21 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C8F5 119 KB
36 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com
URL: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 16 Dec 2021 18:26:43 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame C8F5 15 KB
6 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com
URL: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Dec 2021 18:26:11 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C8F5 0
0 15ms
15ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSksRA-9ywt-_cv9P9UxBMsD5bEOqFbJRtT3HN_-4qBTw4PYCZTWqGrv8k57ay5zlZCAcFEYx3_mNYp2PeGZ8sR8TWHzg
Requested by: Host: ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com
URL: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 6d065ef8aad4e53a06604e1059b7b7b3.js Show response
www.gstatic.com/mysidia/ Frame C8F5 27 KB
11 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d065ef8aad4e53a06604e1059b7b7b3.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com
URL: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 13:32:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17639
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11408
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 07:52:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 16 Mar 2022 13:32:44 GMT

GET
H2 200 index.html Show response
s.d3sv.net/ops/consors_bank/dyn_text_flight4/V1/wettbewerber/300x250/ Frame A162 109 KB
29 KB 60ms
12ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://s.d3sv.net/ops/consors_bank/dyn_text_flight4/V1/wettbewerber/300x250/index.html?motive=einsteiger10&clickTag=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsvlWDQ74VjJzBY3nPnq1iK-p7KIwMvnhe7bVKy18k5dPeOyQe5e3GNNMWy7V23YmVCg2mWEfYwf6FsBVTPoQFDg8imGGM_saqOONx1ys-kUetVYkuAnfFjcsq_Wtthczp1qvpEoIuZSmlHWKZsK50HlUKO1hRPRSnTF0M3RSvhGBH7RGUskgB_0A6ezdRb6Eli9PUYV6sdQMD3Fxri1kRVjNZrz0Ui-KOHVb18H_oKZ0tFwFY0-jJePSNaRnrAIgN149COIboFhDsfOM9av-C2p-7lgO-qOHFF4rYix-dkwHCyRdUmBjgvqioRK78n4FaOtc1e23_Un756Q147k6N2rUDSGBwEpS4zLAGARMsS_S6lgKzxFmmz_6TSKrA7E4ftEc9mv3AxT02sWiLJbDAz3cFRSP-zCzA6RdV9oJ_xIuIffMe2MU6-ODQp_n11cQQvNZg2ynGyL3bFy0kHunvqmEwcby_Zqic_KWYJ-YPYaNxvQCd4HLAzzHcbFhBXFaYiIIDoWXehl4AjvdngBZivEJEA98fLeHQgIE2o7I847rpuYTC1fK9QiYc5kj-NWRkAp_SR7rzT5LHBuvsH3d2FcZKrSZLUtxdzIKg51jofdlhYxK2RyFuDfLC4KGBEy9-7F3TMljqSTyVlfPeJAsJWIDjF37tGwhpJN5Ysecu7lOCHQwL1i_4wnz8u9x4G-mu8XzseFfNF758xdr_7wd35wjJMPQmMyl7D5Qc3TJgWENrg1dbFe9yTQ6pfQUzgMmOMJSozaLD4M2_XqsiPQACnFEZggcPlu6pEBtCqrECiq-DODvtdJ-TguaDKOYmhgkxoigx_crAA_8Jd4Lw-xdIjFDAdRriP49l4Je92tQhslicIO0PFME36Od73UExT-ezrGwRNnh1vNT-Po4e575pOF8MkS57ddpj1QD5Mq_2bKfpwdg8XHqVQk7u3AXzT_o81rLRIKaGiQG5Zc8g0HhNp7QpekN-Pqwt4lvlEU2-fmwfrVAjaoqX6vBGNH09Z2iUcru2WSY79WpRp2gw6oVwEEaepHILG_1EWhGX6QDTSSq2F4ZovrHnZ7giSzNNgfporq4QyfqfsblAvvtXmtURlk0gacQ2I3t2ihZ3kXluXCVueF%26sai%3DAMfl-YRsNIz00b83sa0p8d7y3J5i43YSTzkwOydbLPxt_jUZDMJUPfMosoTNwNqICVwX9GtlHlcoQAdItSGjfokjOejjogt8C6LVMKtHochag5q_NqTKs_t67irLgegWGcpAQlkw2BIqiuL6iOi7y_uxDhPyfuKbSV_kz3x4ps1jWMLC5P2O_w%26sig%3DCg0ArKJSzAc9oPKMTYSKEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&ct=DE&st=&city=6271&dma=0&zp=21029&bw=1&adId=515023622&advId=4768038&campId=26257572&crId=162885806&cb=1898993650&exitPrefix=exit-&3p=1&width=300&height=250&env=dcm
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 931016497e6052a58cdcccf8bb7975f3a75840745a5ff9de0aed13b675fdf32c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/

Response headers

date: Thu, 16 Dec 2021 18:26:43 GMT
content-encoding: gzip
content-length: 29950
content-type: text/html
last-modified: Mon, 06 Dec 2021 12:39:04 GMT
accept-ranges: bytes
server: nginx
etag: W/"61ae0468-1b2ab"
cache-control: max-age=86400
x-hw: 1639679203.cds147.fr8.hn,1639679203.cds102.fr8.c
access-control-allow-origin: *

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame F85E 24 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1b000b433199bfd60632e61b74bb2c4abd074dce072784e7acd55b1e4158cee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:23:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 208
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9516
x-xss-protection: 0
server: cafe
etag: 14328493792227503680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Dec 2021 18:23:15 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/ Frame F85E 8 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/omrhp.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:23:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 164
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Dec 2021 18:23:59 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame F85E 0
331 B 62ms
62ms Ping
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstSw3Ft8Rtp3o55OhfOn0fM7U-YGCA86jdT2BqKiywwiiVzFoB2aqlbYvBBWte52Z7ikNTzAiwKGNy6b1NPOynB6bYdXO0naYQCRLkA2-XQwDmL0VCuwqeszOEmnJF949uuDWoYbnIV5kXW-C3wtBfAZntRpZZ83WNsrBQvBA4A1JEK3P2u-cf4_ZzenO5C2RfXOYkoKw4mwEimsZGuWADGMixy5ejXe15BjQfYLgJNP-LmuihDYsLjpgrkRPIaYhXea3Od6QOVLvMtwcrCrH1pvCFh7t7SXB-j7Vfg4dM8wzrDFwCMsCl3C3gww_ZLXm1IrWug4ahhxY6EWxERSuhYVgSseILHfhImUYmhlPcNaJsMsgWPn9SpX24D0fOfbQkzpZr0umfzFBuOnjh469F2Zk9tYL7tUyxBfq9pjj-sx3H-FXWuqWU4uSGqtd2C_5i5GIOqMKxQoXJJyXwiF9RM0MfRa6pARhr6z2FY2bGTdoqSbs8O955MsVpyPy56PejRfuQ2rygmJ7-V3A51qnFauoknmqil63jX_hl8ZZcJbTSUT3aHb8_9fP-MUSx4tzlx18G988_LIS-jNDB2I3RYzbXwHnRUneYNCuIhIPLwpU2ZbQrnJ3BTutW1oeNAV6_JnZ2rIVAaiRJI0024sqEmqsI6t0fd48RGA13sjLqKqldFoAHjiIEqnwF1fMKyOvBhbr4kDbHXl--oDf8TdBKbx1iV8gyxx9TEG0ij0rrJTPekS8ZpTVDAg4kpXAd_HUwcWZL3P-VJJ3upGaaFB3M957Mee9BbfxmS3eE9w5YVOs167LKpwG8AVOp9oEsvZeZrhnzh3h2o5VarOnHBJ43t2NbvLUHX9whvU1gKFFsbKY7yFKJhvRYS715_k1WQ51EGZ0yNrzyDjqDwlBdTiPUUJL0Mp-XhQs9hZ_JokFCEROIA_XbLPNsURKn2Dq_POJUIounk4FPeOeRM8YWdVzA4NksrS3-9XJ8fsZexTp-Z8mlV_eHRKbYIgId3_TmH_FPDjI0kdiU_CtxZHdYPTxALwuJx9HSWtz6hAsXPHx8yERR92RlnhxRVPY47nEYlAvp6FuqopbwEweLrkwkWDHU20bMdL45wY93NkqyrvqBF619CPt9vkXzV-nL7upIWbUnDdrHtJuqkxw&sai=AMfl-YTCTMHUwR55ta9E_DxOPZgMHkIqQ3OpU29MaAzc7wguHmZ88gkNFYJurlketxTg0gVVE9Hx4KiUgaf8UrgMnjFjuWWUC4x5E8rgiI5sU0-Yl1gOhcoJqob3gijfqenpqO8RTQND054tQgKbyZjh3O8bqf7BPbt_ASOUylQ&sig=Cg0ArKJSzHKfmWJpGOrZEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=2&dett=2&cstd=0&cisv=r20211207.79377&adurl=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B164UKYeZQ8TXkY_KbY1ifogCh4H_ncDbA-CLbfsN3asiOloGfDVqAPvnvIbmAKh0WtZuVyUa4Ocdd5EGD3hyWiplaGC1FaJNXWsr635d5JofEZNaUWSOvVw5ldWRKiI2v3qUs8O-F2C9r5uV-vjWb_7oziw&dbm_d=AKAmf-DHSLarVIP4j5Kw50AZrLVPjoUFZXlqlGQKXxZ2mgFb2SgUhQbJrsfCJjORqSwqTFg8L_Ji0k-ZZBhQIwRamNVOIgBBDCEKaLJFySxrr3YNVomLLMeBE2pgIabcnfPZj57F14ggGxIoAH2d9WiWJcJmQcDHvwqjxEncZqQ4dOKoOWr06HEExBie_lOWXqsY2dJClzyIFiU1cqR9ieyjEMwkErwn2bBu6UVGbw26VetZeKybT66dNyTDvVSkKGJipIGGpR_H5CkHdtoC-R2P50bERskPmKF7Xhud9EcJPIu-TI2QtdWmdOnF2oF2vqtE-1Z66EG65RWqtekuWWbQD-isF115D7-45k5FZ4xZM655q77Zi7-nZBe0fPJd-WPQJjbQDqBhxk1vtJ5y21lDhQlUr4ClxL-BTgztFUbQoYbvp2WUqqb95RFjLCBJq3Fn0PiXk1gOTpd1NP6ftAgzecPieNA7riXPKXQknloc0kH-8Tu8Np5iswF5Y1-rvYdra-Z0gvHaO8wvO1MmD7Ag1k8ID8d-0KbDPM2TAiCypi0ErLnxg5VX4B5fZemlXyZJj6qLLbym0Tzcpgdgoq2oewmS_INZXSDVN1-RHwes1yaVeZzEmaSYFDy70cC31IeVqOJM4JoumWRV76tBl491kjLfp66lR5z3mMPevZg-xWtJuXGhWNsLUHeln7IqjBMYAEZTFjaPnK6GXqjUS6MuVk9t0iDdRBFPn1B94SzMBNZbo81zmLK-kmWzqpUqMhl4UAoxn9pO9aZtr3kia6Yz3z0oPyVgtuxPt_B3Q4XItnkUgVrEa05z-qWQT3zx0OTuh8-ecMbTAQQCQOuNCMmGw_9agjVo2hXMa8ET1izb411h44ZUyuue7y_17uf3e_PE11-Da4rvo0uDR52x4BbuqavXaFpvMMuwnRy6oklrDoICO3CwCd_DH5Z_lZKME68XlBN5sR7U2U6qUqpatWUnIkHLjHzN2tEwL6m8a0HlK1741SNd13Jw95ZCyfUtf_LhLdD-qeE7ScwslFQ8EOZA57IRqMcmBFGUUnUxxD7_NicOyjAEfHjoyI3XoghqAp_VUbvw376rKX5lKjBhKckVh0jxR0C2i5MLbo2EgIc5CNqjJeFGxevARheZPcy-EpBOJMZ9aXSsS0ka7p4HCrPjCfAoIJ6acaS_IOnz4CLwj_vAObV6wBY6gQOPXNKu62993T_X1wVmrrKEktwIpPojraU2k-M62FB31UOTdZA4X_Tb7Lt2SOowqA01eHKtO_Ki3CCdQF1bumpuWmXN0clrw4V8slzmRG_RfPJ78AbG9MobwtC8LfVeB6e7jRbUS0LCYNjEr2N3xVH5VnGo5S0cyQmEK-eh3tPMQWH8etBWs1b-r2Ylx_7s1Du38nCcdzaBH9iWrsuyHg_Y8I3Z-UOCxLBjaTBbVHzyAvmMRXGUU5GbArelpxBhhWs7ESTOztmr9gZoIAjU9ElRgtxGM1jrt8twg4fDK2mWYdH4H7TrvuzK-aZSe2Vj--VP0o0zFJWfnsv8_dccvZhf0fhXhR5GxvAXNq2K0fNS4RFK6txq4RgZ76RNXPsefpvbA6cCZygnVDNfoJwhZQ1313cVPq3O6VY1PzkxaV9OY-DeR0aGediB63RfWXq4t6-19XJntiCVwAJlnrf8PeGh1Puk463cyQmtt9CsRluFHajxA1_vMEmAQJYn_cVLMn0TTxGuAVrQzLtDYQl40Dqqb-q7QcHsfXN7WRzvc8Lf8uoHu15lk2rR8A--NxNiAuFuf89v4cpup_HnUqMbwIfl4RE8gZLA4mvGWXVCwlCiJ4jUJ0fe6d70S9UE53Oo33Knb3kSflGlpzcKNhtoDgC27ixeCiXYH5jITkPWhOD2iQnTzyTrUwEfm0tERFHAMCC7c9ZuEIkeTBLJAiid8bD8jqW8cARnuutvIOxgLYiQBI3X9nMiY3__FC00jE147aMwK7hd1QRcko8EsT5fdB2XOB5gi8f2cIQzt7zPRdx1FH8aVYJHdPobkLCETBF-Eq1NQxoEm9ck2p2sWIX9KESBkqaKO2MDHlmGirAskalx0YSgPzTDPgaVSP16m9FY-73mVYjlIBQkJaJP7jyAifoK5eqzEeWEUFuoSYfQDy6uLyapBCf12emnllUgCVMsb5cJp-1ARGdrw7B2_3tX6XkLJOEYaFSEEZgxdRgF2T_8VBJ14e-mGaJ-T67RvlTor7WNAObkorWF5K3IdrM_gP-gpiWFHedXoBg4VlTEf63kK8E2PBdTP9wbxDsMASyp09vtfS4pR1aEf2UYpC-YNCoHYC0e7q6buy_c6q6bZqsncBVGlgdv0L2UFaUeXEbazBjO1ccvCsCpg9pcpmeDBJ3xFbtPxsDUvdr28B_bOk7mYGw10cshwer5rl3R4eokggmXALmlyaL2-w0A7aVNXh81ijZS0L1mkHU5Mdwz94-n7ucb2ReJzDaN21OzdxH2zIyTO3sViUJrj06-NOvUXt16o7oa_pGoa2O38oIXgJa1ZTjLqLsF2aovhLJneDF3ywHHf9dzeeiojE076o6mz3uRbITTuq-oRzDQ2jHCUgYPSAiG2PgorRhG0oWA9b1na-ICfY6he9UB6QutX2aROQIsNSPey2BAAUmobcOjUI834cXC0kwaVByjE5_hYwqoolZTrCPoGGBvM0pPLFVzOINGTgKWikq0_Fb2sI81EyEt5aidaY2dSB62sg3buEOM2TBshnZvJRlNAChvwABUogImBmP5qXP7Im9x-WiOk3vsVrdqtXmdmvnskTnDcd7qrKqskBmCCXWHsNubEouYOBhxmdN7Die6rtI07k7rZqyqlkBXO1lMCW4m869HSheN-Zj4dqcdshPfgiFhh-c3r6VbeIFO_li7Zjgc8iwsfDo7MkKuvntIZEZtdZqsX4n3bYmRMY-1dqyNc6B8WsZ57f-FnxQ6kgjpySF4iP7-EtAe1qTCFaLjLr1U-FXyPqQUezwUQZRy45fgvzznIboqWvk3i8LaZicpl11HnVyISURMEX12b061ebYk3pJiKgdwiInpvOFYF2FYWskNhgumMFZJrw1h0_sYq7ZCUpw7-2TdFXgrNKmhktBOcXuvU2jZc3tUOSbqjKbJI7aKRNOFQDjdm4I3cEWqz8kyrTIVB6g8XUDQ5vscqqdcYM_pfRM&cid=CAASFeRo5RK-OozLOgL6czxRpqtV9inZNw&rfl=1%2Chttps%253A%252F%252Fthreatpost.com%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Thu, 16 Dec 2021 18:26:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 /
track.adform.net/adfserve/ Frame F85E 35 B
396 B 89ms
24ms Image
image/gif 37.157.4.39
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/adfserve/?bn=49412661;1x1inv=1;srctype=3;ord=1898993650

Requested by

Host: ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com
URL: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:43 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
expires: -1

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 1D3E 170 B
188 B 49ms
26ms Image
image/png 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm&gdpr=0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLrx3QIQsPTiAhia_bW3ATAB&v=APEucNU40ZCWMaHdrEg2aZvCo2KhYeCrED47XCtZ6r-jpBfrX7oK2KWdr2B8Js7k3lh16rBzFoJ2lBxpvum1zDe3xnQ0BNf-A_A_H-ICQHZ3mpTU8b03qIQ

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1D3E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKsr_lBfwS0OJfOfrwAiyxk&google_cver=1&gdpr=0

43 B
1014 B

35ms
21ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKsr_lBfwS0OJfOfrwAiyxk&google_cver=1&gdpr=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLrx3QIQsPTiAhia_bW3ATAB&v=APEucNU40ZCWMaHdrEg2aZvCo2KhYeCrED47XCtZ6r-jpBfrX7oK2KWdr2B8Js7k3lh16rBzFoJ2lBxpvum1zDe3xnQ0BNf-A_A_H-ICQHZ3mpTU8b03qIQ
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 18:26:44 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 16 Dec 2021 18:26:44 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKsr_lBfwS0OJfOfrwAiyxk&google_cver=1&gdpr=0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 324
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1D3E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgdpr%3D0%26google_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=casale_media2_dsp_secure&google_cm&google_hm=YbuE48FpMdYRks.S89acmwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKsr_lBfwS0OJfOfrwAiyxk&google_cver=1&gdpr=0&google_hm=2

43 B
1016 B

14ms
13ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKsr_lBfwS0OJfOfrwAiyxk&google_cver=1&gdpr=0&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLrx3QIQsPTiAhia_bW3ATAB&v=APEucNU40ZCWMaHdrEg2aZvCo2KhYeCrED47XCtZ6r-jpBfrX7oK2KWdr2B8Js7k3lh16rBzFoJ2lBxpvum1zDe3xnQ0BNf-A_A_H-ICQHZ3mpTU8b03qIQ
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 18:26:44 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 16 Dec 2021 18:26:44 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKsr_lBfwS0OJfOfrwAiyxk&google_cver=1&gdpr=0&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 340
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

206
Partial Content

file.mp4
r1---sn-4g5lzne6.c.2mdn.net/videoplayback/id/e51b66ca9c20e70e/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3783579597/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m...
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/e51b66ca9c20e70e/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3783579597/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/sig...
https://r1---sn-4g5lzne6.c.2mdn.net/videoplayback/id/e51b66ca9c20e70e/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3783579597/sparams/acao,ctier,expire,id,ip,ipbits,i...

128 KB
0

48ms
10ms

Media
video/mp4

2a00:1450:4001:12::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-4g5lzne6.c.2mdn.net/videoplayback/id/e51b66ca9c20e70e/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3783579597/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4A4008D0968B34530C22765FD124CCEAD8307D91.1531ABD59DCDA9B5647DFC8DE4E609B41D4D8337/key/cms1/cms_redirect/yes/mh/RS/mip/2a01:4f8:212:78e:2b::1/mm/42/mn/sn-4g5lzne6/ms/onc/mt/1639678855/mv/m/mvi/1/pl/52/file/file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:4001:12::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 18:26:44 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 10 Dec 2021 10:19:56 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-2231274/2231275
Cache-Control: private, max-age=86400
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2231275
Expires: Thu, 16 Dec 2021 18:26:44 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:43 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r1---sn-4g5lzne6.c.2mdn.net/videoplayback/id/e51b66ca9c20e70e/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3783579597/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4A4008D0968B34530C22765FD124CCEAD8307D91.1531ABD59DCDA9B5647DFC8DE4E609B41D4D8337/key/cms1/cms_redirect/yes/mh/RS/mip/2a01:4f8:212:78e:2b::1/mm/42/mn/sn-4g5lzne6/ms/onc/mt/1639678855/mv/m/mvi/1/pl/52/file/file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 654
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 528B 42 B
64 B 18ms
17ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
pubads.g.doubleclick.net/pagead/ Frame 528B 0
0 53ms
53ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=CAKtu4YS7YePWE_KirAS1kIbIBbOp1thmyOi2oPYOh7a-z4gKEAEg0pbmOGCVgoCAwAegAdXQ8aMoyAEFqQK5_um4XgOzPqgDAZgEAKoE9AFP0NmHkdOdCZT7B7UUDA_KrjQwzcxA7NpdbI8E9dmyoL1H1VRTvFg1OSwfkSNSe7pH4mxLHEewKDPhmb1RMsXErJ3wo0d3VUByHaLSR5WRd2ZCWYuGBA470ErQuyObWM4_inWO0khJZJTQ9lgd49Sn3NVTzz-JJrPfpx2fGbpFKlLd3DGf3kFxfzUmtD_5nYmFyd7aZkeDBLKg-quJkuUZZA9FyvAD-J4CJMWbSGB602rQzM3x7pgw3Eg-HnPiYoCye2II6sO70G3mMgFY0D8CXukj_NA_hFrZZTi1LiWG99cqkylwLc8aZSGJqGxsRJayKONNwATrnOXn-QPgBAOIBaWuxZw5kgUGCBsQAxgBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZOgAfViMKDA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcKEKSyLhjyn669AdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tMTM1NjYzMjg2MjM1NDQ4NoAKA8gLAbATz7WxDcgTn73p3gPQEwDYEwqIFALYFAHQFQGAFwGyFx4KHAgAEhRwdWItMTkyOTYxNTY5NDM3MzEwMxiKuSE&sigh=k4u_xbNV1cc&cmd=Ch1jYS12aWRlby1wdWItMTkyOTYxNTY5NDM3MzEwMxAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&cid=CAQSPACNIrLMvjpvs89FyxXoTophTHRVEf3sH_chm8GcpTiIAz2BMm23vcFpPYKIlnI5UL26GE4s2vjqNs5Mwg&vt=10&sdkv=h.3.493.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1Njc4ODQ1NTIyODlAiAQKbggBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MTU1ODk2MjgyCTE2MzAzMTE1NkDaAlIzCM8HEA8lAABwQSgBOgsxNjMwMzExNTYtMUIER0RDTVAAWhB4NlJRLTJNMFVsRGNHZV9qGAE.
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2 200 /
insight.adsrvr.org/enduser/video/ Frame 5C70 0
100 B 33ms
32ms Image
text/plain 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/enduser/video/?ve=mute&imp=e35c7c66-c9c1-4d17-89a1-a57f5310fdf3&ag=ne6xjxo&crid=ghq46ojf&cf=2825436&fq=0&t=1&td_s=threatpost.com&rcats=mvk&mcat=&mste=threatpost.com&mfld=4&mssi=&mfsi=&sv=appnexus&uhow=115&agsa=&wp=0.440412&rgz=22049&dt=PC&osf=Windows&os=Windows10&br=Chrome&svpid=7143&rlangs=de&mlang=&did=&rcxt=Other&tmpc=&vrtd=14,15&osi=&osv=&daid=&dnr=0&vpb=PreRoll&c=CgdHZXJtYW55EiJGcmVlIGFuZCBIYW5zZWF0aWMgQ2l0eSBvZiBIYW1idXJnGgAiB0hhbWJ1cmcwAjgCSABQAYABAIgBApABAA..&dur=CjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnM.&durs=UvAXvs&crrelr=&npt=&mk=Google&mdl=Chrome%20-%20Windows&adpt=anor&ipl=17386655&fpa=726&pcm=3&ict=Unknown&said=3671822883519634032&auct=1&grdc=CAE.&sfe=13f304e1&vp=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:43 GMT
cache-control: private
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET

GET
H3 200 dc_oe=ChMIiObqgvno9AIVoUXlCh1y7wLJEAAYACDUv-NN;met=1;ecn1=1;etm1=0;eid1=16;
ade.googlesyndication.com/ddm/activity/ Frame 5C70 42 B
63 B 76ms
52ms Image
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIiObqgvno9AIVoUXlCh1y7wLJEAAYACDUv-NN;met=1;ecn1=1;etm1=0;eid1=16;

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame AEBC 170 B
188 B 29ms
27ms Image
image/png 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm&gdpr=0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRDDhCYYpPbdswEwAQ&v=APEucNV_dECSCJVwfjEGSGp1gxfOfW8I30l1yPMz5q7jkdC8aXjs1r1-uI9br7wSJHSN9iCypsQQ1MjQn9A5YeEYe4B4SOsWdHb1XILJ6MrURWGE4rBCxao

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame AEBC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKsr_lBfwS0OJfOfrwAiyxk&google_cver=1&gdpr=0

43 B
1014 B

40ms
26ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKsr_lBfwS0OJfOfrwAiyxk&google_cver=1&gdpr=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRDDhCYYpPbdswEwAQ&v=APEucNV_dECSCJVwfjEGSGp1gxfOfW8I30l1yPMz5q7jkdC8aXjs1r1-uI9br7wSJHSN9iCypsQQ1MjQn9A5YeEYe4B4SOsWdHb1XILJ6MrURWGE4rBCxao
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 18:26:44 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 16 Dec 2021 18:26:44 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKsr_lBfwS0OJfOfrwAiyxk&google_cver=1&gdpr=0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 324
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame AEBC
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=casale_media2_dsp_secure&google_cm&google_hm=YbuE48FpMdYRks.S89acmwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKsr_lBfwS0OJfOfrwAiyxk&google_cver=1&gdpr=0&google_hm=2

43 B
1016 B

16ms
16ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKsr_lBfwS0OJfOfrwAiyxk&google_cver=1&gdpr=0&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRDDhCYYpPbdswEwAQ&v=APEucNV_dECSCJVwfjEGSGp1gxfOfW8I30l1yPMz5q7jkdC8aXjs1r1-uI9br7wSJHSN9iCypsQQ1MjQn9A5YeEYe4B4SOsWdHb1XILJ6MrURWGE4rBCxao
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 18:26:44 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 16 Dec 2021 18:26:44 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKsr_lBfwS0OJfOfrwAiyxk&google_cver=1&gdpr=0&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 340
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 3807 169 KB
59 KB 30ms
9ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/
Origin: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 15:13:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11571
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60173
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 17 Dec 2021 15:13:52 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/ Frame 3807 8 KB
3 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/omrhp.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:23:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 164
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Dec 2021 18:23:59 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 3807 24 KB
9 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1b000b433199bfd60632e61b74bb2c4abd074dce072784e7acd55b1e4158cee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:23:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 208
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9516
x-xss-protection: 0
server: cafe
etag: 14328493792227503680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Dec 2021 18:23:15 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame C546
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEE3iSRFfexKw2wLaVhuvxVg&google_cver=1

43 B
1006 B

100ms
100ms

Image
image/gif

185.33.220.216
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEE3iSRFfexKw2wLaVhuvxVg&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLrx3QIQsPTiAhjDnLW3ATAB&v=APEucNW2mxGnIghwXFRxJ7NTCwBKehelQX4aYz9-zjoeHy4N8_K1tVY_5t9bHESlNXqQs6XETeiFa1nNcVDwlmjN1BnGW71SEssx8H09HVyumhayjlZC5vs

Protocol

HTTP/1.1

Server

185.33.220.216 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

872.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 18:26:44 GMT
X-Proxy-Origin: 136.243.198.81; 136.243.198.81; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 5b8cce11-621e-4649-be7f-e50f35541dbc
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEE3iSRFfexKw2wLaVhuvxVg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C546
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzM0Mzk1NzYyMDU0MzY4NDQwNA%3D%3D

170 B
188 B

25ms
25ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzM0Mzk1NzYyMDU0MzY4NDQwNA%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 18:26:43 GMT
X-Proxy-Origin: 136.243.198.81; 136.243.198.81; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: b6bed24c-1497-4047-a190-08b795320264
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzM0Mzk1NzYyMDU0MzY4NDQwNA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame C546
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHHVn4cPGPr13p87FXxsUvY&google_cver=1&gdpr=0

43 B
61 B

29ms
28ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHHVn4cPGPr13p87FXxsUvY&google_cver=1&gdpr=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLrx3QIQsPTiAhjDnLW3ATAB&v=APEucNW2mxGnIghwXFRxJ7NTCwBKehelQX4aYz9-zjoeHy4N8_K1tVY_5t9bHESlNXqQs6XETeiFa1nNcVDwlmjN1BnGW71SEssx8H09HVyumhayjlZC5vs
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:44 GMT
via: 1.1 google
server: OXGW/17.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHHVn4cPGPr13p87FXxsUvY&google_cver=1&gdpr=0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 306
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C546
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MjhkMDJjYWItODczNy0yZmU0LWUxNjEtYTAwMTFhMDczNGY5

170 B
188 B

23ms
22ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MjhkMDJjYWItODczNy0yZmU0LWUxNjEtYTAwMTFhMDczNGY5

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 16 Dec 2021 18:26:44 GMT
content-encoding: gzip
server: OXGW/17.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MjhkMDJjYWItODczNy0yZmU0LWUxNjEtYTAwMTFhMDczNGY5
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
via: 1.1 google

GET
H3 200 html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 0C47 169 KB
59 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/
Origin: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 15:13:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11572
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60173
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 17 Dec 2021 15:13:52 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/ Frame 0C47 8 KB
3 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/omrhp.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:23:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 165
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Dec 2021 18:23:59 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 0C47 24 KB
9 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1b000b433199bfd60632e61b74bb2c4abd074dce072784e7acd55b1e4158cee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:23:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 209
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9516
x-xss-protection: 0
server: cafe
etag: 14328493792227503680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Dec 2021 18:23:15 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 5BA8 0
17 B 342ms
180ms Ping
image/gif 2607:f8b0:4007:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kx9anree&c=8761236955789&slotId=4380618477894.5&eee=missing-element&bi=missing-id
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4007:815::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:44 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

206
Partial Content

52
r2---sn-4g5edndl.c.2mdn.net/videoplayback/id/2e75bb2624bcc57d/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3783491777/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m...
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/2e75bb2624bcc57d/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3783491777/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/sig...
https://r2---sn-4g5edndl.c.2mdn.net/videoplayback/id/2e75bb2624bcc57d/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3783491777/sparams/acao,ctier,expire,id,ip,ipbits,i...

2 MB
2 MB

81ms
8ms

Media
video/mp4

2a00:1450:4001:18::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-4g5edndl.c.2mdn.net/videoplayback/id/2e75bb2624bcc57d/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3783491777/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0675F638529AF3AC68BE841756C3E2BA8F68BE07.79C747EDD4D0CABCEB1EAAAE986D483FD4BBE356/key/cms1/cms_redirect/yes/mh/6W/mip/2a01:4f8:212:78e:2b::1/mm/42/mn/sn-4g5edndl/ms/onc/mt/1639679095/mv/m/mvi/2/pl/52?cpn=x6RQ-2M0UlDcGe_j&file=file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:4001:18::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

769489934e4f9ab755864c795fa5b7fd4b06833c8d54538dfa4d2957347698d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 18:26:44 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 09 Dec 2021 09:56:16 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-2201155/2201156
Cache-Control: private, max-age=86400
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2201156
Expires: Thu, 16 Dec 2021 18:26:44 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:44 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r2---sn-4g5edndl.c.2mdn.net/videoplayback/id/2e75bb2624bcc57d/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3783491777/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0675F638529AF3AC68BE841756C3E2BA8F68BE07.79C747EDD4D0CABCEB1EAAAE986D483FD4BBE356/key/cms1/cms_redirect/yes/mh/6W/mip/2a01:4f8:212:78e:2b::1/mm/42/mn/sn-4g5edndl/ms/onc/mt/1639679095/mv/m/mvi/2/pl/52?cpn=x6RQ-2M0UlDcGe_j&file=file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 679
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame E6A5
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=3e1961bb-84e0-4600-baae-3f1a6ae2d154

43 B
114 B

20ms
19ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=3e1961bb-84e0-4600-baae-3f1a6ae2d154
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:44 GMT
via: 1.1 google
server: OXGW/17.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Thu, 16 Dec 2021 18:26:44 GMT
Server: MT3 4133 baa842e master zrh-pixel-x4 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=3e1961bb-84e0-4600-baae-3f1a6ae2d154
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 16 Dec 2021 18:26:43 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame E6A5
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=HnGuSRB0qE0FJK8cGHjhSh8i-R8FJKkYGXlqX0Zt

43 B
61 B

24ms
24ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=HnGuSRB0qE0FJK8cGHjhSh8i-R8FJKkYGXlqX0Zt
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:44 GMT
via: 1.1 google
server: OXGW/17.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:44 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=HnGuSRB0qE0FJK8cGHjhSh8i-R8FJKkYGXlqX0Zt
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame E6A5
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2929780910311444289

43 B
106 B

20ms
20ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2929780910311444289
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:44 GMT
via: 1.1 google
server: OXGW/17.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:44 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2929780910311444289
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame E6A5 70 B
264 B 49ms
47ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=04bfff61-4e40-7140-f481-fab8d0e5fa99&gdpr=0
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:44 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame E6A5 170 B
188 B 19ms
19ms Image
image/png 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MjhkMDJjYWItODczNy0yZmU0LWUxNjEtYTAwMTFhMDczNGY5

Requested by

Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame E6A5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHHVn4cPGPr13p87FXxsUvY&google_cver=1

43 B
61 B

24ms
24ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHHVn4cPGPr13p87FXxsUvY&google_cver=1
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:44 GMT
via: 1.1 google
server: OXGW/17.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHHVn4cPGPr13p87FXxsUvY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 44F1
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=3e1961bb-84e0-4600-baae-3f1a6ae2d154

43 B
106 B

21ms
20ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=3e1961bb-84e0-4600-baae-3f1a6ae2d154
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:44 GMT
via: 1.1 google
server: OXGW/17.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Thu, 16 Dec 2021 18:26:44 GMT
Server: MT3 4133 baa842e master zrh-pixel-x3 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=3e1961bb-84e0-4600-baae-3f1a6ae2d154
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 16 Dec 2021 18:26:43 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 44F1
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=HnGuSRB0qE0FJK8cGHjhSh8i-R8FJKkYGXlqX0Zt

43 B
61 B

24ms
24ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=HnGuSRB0qE0FJK8cGHjhSh8i-R8FJKkYGXlqX0Zt
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:44 GMT
via: 1.1 google
server: OXGW/17.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:44 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=HnGuSRB0qE0FJK8cGHjhSh8i-R8FJKkYGXlqX0Zt
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 44F1
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2929780910311444289

43 B
106 B

19ms
19ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2929780910311444289
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:44 GMT
via: 1.1 google
server: OXGW/17.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:44 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2929780910311444289
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 44F1 70 B
264 B 48ms
47ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=04bfff61-4e40-7140-f481-fab8d0e5fa99&gdpr=0
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:44 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 44F1 170 B
188 B 21ms
21ms Image
image/png 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MjhkMDJjYWItODczNy0yZmU0LWUxNjEtYTAwMTFhMDczNGY5

Requested by

Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 44F1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHHVn4cPGPr13p87FXxsUvY&google_cver=1

43 B
61 B

24ms
24ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHHVn4cPGPr13p87FXxsUvY&google_cver=1
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:44 GMT
via: 1.1 google
server: OXGW/17.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHHVn4cPGPr13p87FXxsUvY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Enabler.js Show response
s0.2mdn.net/ads/studio/ Frame A162 134 KB
45 KB 23ms
8ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/Enabler.js

Requested by

Host: s.d3sv.net
URL: https://s.d3sv.net/ops/consors_bank/dyn_text_flight4/V1/wettbewerber/300x250/index.html?motive=einsteiger10&clickTag=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsvlWDQ74VjJzBY3nPnq1iK-p7KIwMvnhe7bVKy18k5dPeOyQe5e3GNNMWy7V23YmVCg2mWEfYwf6FsBVTPoQFDg8imGGM_saqOONx1ys-kUetVYkuAnfFjcsq_Wtthczp1qvpEoIuZSmlHWKZsK50HlUKO1hRPRSnTF0M3RSvhGBH7RGUskgB_0A6ezdRb6Eli9PUYV6sdQMD3Fxri1kRVjNZrz0Ui-KOHVb18H_oKZ0tFwFY0-jJePSNaRnrAIgN149COIboFhDsfOM9av-C2p-7lgO-qOHFF4rYix-dkwHCyRdUmBjgvqioRK78n4FaOtc1e23_Un756Q147k6N2rUDSGBwEpS4zLAGARMsS_S6lgKzxFmmz_6TSKrA7E4ftEc9mv3AxT02sWiLJbDAz3cFRSP-zCzA6RdV9oJ_xIuIffMe2MU6-ODQp_n11cQQvNZg2ynGyL3bFy0kHunvqmEwcby_Zqic_KWYJ-YPYaNxvQCd4HLAzzHcbFhBXFaYiIIDoWXehl4AjvdngBZivEJEA98fLeHQgIE2o7I847rpuYTC1fK9QiYc5kj-NWRkAp_SR7rzT5LHBuvsH3d2FcZKrSZLUtxdzIKg51jofdlhYxK2RyFuDfLC4KGBEy9-7F3TMljqSTyVlfPeJAsJWIDjF37tGwhpJN5Ysecu7lOCHQwL1i_4wnz8u9x4G-mu8XzseFfNF758xdr_7wd35wjJMPQmMyl7D5Qc3TJgWENrg1dbFe9yTQ6pfQUzgMmOMJSozaLD4M2_XqsiPQACnFEZggcPlu6pEBtCqrECiq-DODvtdJ-TguaDKOYmhgkxoigx_crAA_8Jd4Lw-xdIjFDAdRriP49l4Je92tQhslicIO0PFME36Od73UExT-ezrGwRNnh1vNT-Po4e575pOF8MkS57ddpj1QD5Mq_2bKfpwdg8XHqVQk7u3AXzT_o81rLRIKaGiQG5Zc8g0HhNp7QpekN-Pqwt4lvlEU2-fmwfrVAjaoqX6vBGNH09Z2iUcru2WSY79WpRp2gw6oVwEEaepHILG_1EWhGX6QDTSSq2F4ZovrHnZ7giSzNNgfporq4QyfqfsblAvvtXmtURlk0gacQ2I3t2ihZ3kXluXCVueF%26sai%3DAMfl-YRsNIz00b83sa0p8d7y3J5i43YSTzkwOydbLPxt_jUZDMJUPfMosoTNwNqICVwX9GtlHlcoQAdItSGjfokjOejjogt8C6LVMKtHochag5q_NqTKs_t67irLgegWGcpAQlkw2BIqiuL6iOi7y_uxDhPyfuKbSV_kz3x4ps1jWMLC5P2O_w%26sig%3DCg0ArKJSzAc9oPKMTYSKEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&ct=DE&st=&city=6271&dma=0&zp=21029&bw=1&adId=515023622&advId=4768038&campId=26257572&crId=162885806&cb=1898993650&exitPrefix=exit-&3p=1&width=300&height=250&env=dcm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

86441c9a21f4c77dcbb2a4f020d904179f15c8e9b35f3f85d5d053ee62c13232

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.d3sv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:18:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 465
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46298
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 16 Dec 2021 18:33:59 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 864B 0
733 B 25ms
25ms Script
text/html 185.33.220.216
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.216 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

872.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 18:26:44 GMT
X-Proxy-Origin: 136.243.198.81; 136.243.198.81; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: fa50b5b4-02e9-45c1-b96c-1202d5be53d8
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame BA1C 2 KB
2 KB 28ms
27ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=86804727&p=156858&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: a6bad99c8663d39406e5fbc1ecde4e6cdb8ee6ef207f00af134ba9146a233c03

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 1580
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK usermatch Show response
ssum-sec.casalemedia.com/ Frame AD0C 2 KB
3 KB 44ms
27ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e113bbf936d67e0965466f5437903526053912d6ab0b901de4310df791846fc4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 241|230|39|73|46|51|88|64
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1608
Expires: Thu, 16 Dec 2021 18:26:44 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 16 Dec 2021 18:26:44 GMT
Connection: keep-alive

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 4F08 0
733 B 35ms
22ms Script
text/html 185.33.220.216
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.216 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

872.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 18:26:44 GMT
X-Proxy-Origin: 136.243.198.81; 136.243.198.81; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 0adfdf62-71b1-4436-b573-2ec2f1db772c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usermatch Show response
ssum-sec.casalemedia.com/ Frame 29B4 1 KB
2 KB 41ms
22ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 3283ea5f08af24f2baee3cd3875193e87a47d2c0d631de2a80c3440bc281d4c1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 241|39|230|46|156|5|64|40
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1500
Expires: Thu, 16 Dec 2021 18:26:44 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 16 Dec 2021 18:26:44 GMT
Connection: keep-alive

GET
DATA 200
OK truncated
/ Frame F85E 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60dad7114c8a3f67c072f9ae6a7a051ac045b260bc3f206c4c8e37b2a7953679

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CF55 143 B
163 B 7ms
7ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com
URL: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 16 Dec 2021 18:04:35 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1329
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/3797721627517517824/ Frame 4F9F 58 KB
15 KB 15ms
15ms Document
text/html 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3797721627517517824/index.html?e=69&leftOffset=0&topOffset=0&c=pFZqVOsueb&t=1&renderingType=2

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

837f284a9e53efe321d8e8fd0b75a9a5424ec157302027697d0bc81af005fe11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
date: Thu, 16 Dec 2021 18:26:44 GMT
expires: Fri, 16 Dec 2022 18:26:44 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 29 Sep 2021 14:27:41 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3807 0
24 B 55ms
55ms Ping
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssNCnA7jdFRNcxkBgctbVz5p0oVovWLaAg0BRv7vcCPzQebdMuEj3kDgQ3xMvt9644z66BPULoHg-0tJ2i0kLosvsSMaP_xiw_dCFDQ-s1vul4qyhyFnywx8fzu0ZcIgSU53YM9ReDD66aHYFBT_52ozqPqyBaM8k8xe2mcKo0-MQL0k3l7RLfRz-NfPUPiD9qm9eiXmIaX0HOewDmpO5SVD2_5ChIYlkaBDocolxlU6RUs8VWbttp5bGw6SFAkjyh8MD09rPAmaAu7DKmxrQ5C4T-tuGRU6cyAFlHMQHj_-47IjiSA2jxxa4aiMwzAji-ZdMVvp3HDZ7YZuvjfiWf6ba5a0I-7D9GzN6j1jE37yTSk0Ni9U4FvTKz0Mh01GV8izqd8PWLLgWvHUMvy4MPVAEKKyUrjE-gMlhrml3krtA1-Af5M08bY9FNX3W71__sbQ9akxO-wb_FWzMigzQ3ERVnw_mNnIxLTujjSlJJCzpEgkE51DO3DVgj_uFYaMTOHCoZtxbLlR7NyG-nqZVzFgWFVPlcwpHpwtfETTEs_gLlYptbmOVQYoWd17Q_xYGBjw4-iAsb8tpQ2AE0kbQFdhaVZj8VnFZM8T04tH_dUq39XvnunILHGSZ2zYKLQ0OtmH7S2gXaH64gcrueO8x1OKUEF68c9q1cB4lGIHxhhQAdbdCL2WkNcB3ygaEvVu4oqCQHhlA966_q9nxiEw_rVBPsqgjG-yWKjtyGdeYKZ3_dVfZEqEjNhlq3WcXNST7hhyJgZzQd4iUTyI4p4AOEuszt1nDeUsTgsedgCrru0IFHbiq9GqTSwYyzyVHFZSOjH-Hy18P0bXEld-VoRqbS3Ad4W_5emBuZfOIxZF4WmoFY2rWFrToazMeYTnWBhdyUhb6cZfXJOawejFbHXnNkldb_Lv-CqM07WeeLYTrqoaRLRwzEtsjhXf7ORmtT-gZn_qrh2XQcqeULETPSDXVtd7wGipFbEn5DKl0pjWB8ANoxpHIb4z1ZLUkfT_sUMB-soBVcWcg0dxDNDVq8mE8hog_OmVdLfdlXY-O82frax5zhwUqOWk4VmBzE-VX7_jM9RLL1-P9o5qL3N7ATGlkGF7IFHUhGLikeGqisYmssqTDDoqwhriaEBfp9mFS_YSjzsa2-45ZscgLckvMTBXESqpjqOrwsukAA8sQ&sai=AMfl-YS5fOn7FEJDFceZdLdR6ca5zjTdPMlrG9YvEEjRTN-ZB2yJk3scijvyLDcRrZtWHJl5c8G9XR8VLn_h0d-B5EAc-UXZuRR0wWCpFaSIJmogRXH4DkwQw4HQG6cMx0eYuQhvd2g-6FwBZAD5QhRG971VJbscv1yfXPKzHm4&sig=Cg0ArKJSzIikSNxMwJoAEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=434&cbvp=1&cstd=417&cisv=r20211207.16374&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: threatpost.com
URL: https://threatpost.com/category/videos/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Thu, 16 Dec 2021 18:26:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 3807 43 B
1 KB 81ms
17ms Image
image/gif 213.202.235.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extCa=717&extTcm=de.06r.dv360|2021-12.adbundle.dynamicadmargin.000006

Requested by

Host: ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com
URL: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.202.235.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
Pragma: no-cache
X-ET-Code: 0
Last-Modified: Do, 16 Dez 2021 06:26:44 GMT
Server: Microsoft-IIS/8.5
Date: Thu, 16 Dec 2021 18:26:44 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 717
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/db2/video/906389/59213328/ Frame 5C70 91 B
315 B 37ms
37ms Script
application/javascript 54.171.208.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/db2/video/906389/59213328/skeleton.js?ias_callback=__IntegralAS_fa0febc72b6d37548fa2618c4f59d0b9_571&videoId=8eca2b21a640fabc142cf9146e7f5592&apiframeworks=[APIFRAMEWORKS]&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstJ9LpK3cHaWDxEeo2QXChXSUNnbZIjtlKlDAjM0l9A1GFKsFzNNC8ZS-zsP_NaDuIwMm7UsG8bK8zjLrdgiahWBZ2cBExpDmagnKKm4c6PkMn9BRx48kLsRVkpNv2dKRr1EK5IwDIUuwJW5ABY2fxMIA&sig=Cg0ArKJSzD3NucuHPGlTEAE&uach_m=[UACH]&urlfix=1&vt=13&adurl=&bundleId=[BUNDLEID]&ias_xappb=%%TTD_SITE%%&mode=strict&mon=59213338&redirectedRetries=0&vastVersion=2&xmapp=0&xmtp=v&xsId=e319f736-1799-4338-b23e-46f344de5046&adsafe_par=&logTestResults=false&adsafe_url=https%3A%2F%2Fthreatpost.com%2Fcategory%2Fvideos%2F&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fthreatpost.com%2F&adsafe_type=f&adsafe_jsinfo=,id:fa0febc7-2b6d-3754-8fa2-618c4f59d0b9,c:wZa3sl,sl:outOfView,em:true,fr:true,thd:1,mn:app15ie,rg:ie,pt:2-5-15,wc:0.0.1600.1200,ac:1199.974.400.225,am:v,cc:1199.974.400.225,piv:100,obst:0,th:0,reas:v,br:c,abv:na,an:n,oam:0,vc:jv3,nbld:0,mtim:3,fm:sRMyQ0K+11%7C12%7C13%7C1411%7C142%7C143%7C144%7C145%7C146%7C1471%7C148%7C15%7C161%7C17%7C181%7C19%7C1a1%7C1b%7C1c%7C1d*.906389-59213328%7C1d1%7C1d2%7C1e1%7C1e21%7C1f1%7C1f2%7C1g1%7C1h11,idMap:1d*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:env,smm:ibgm,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:fwjsvid,et:28,oid:b81fa2d0-5e9d-11ec-bf29-0a320acf4edc,v:19.8.273,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/fwjsvid/st/906389/59213328/skeleton.js?videoId=8eca2b21a640fabc142cf9146e7f5592&apiframeworks=[APIFRAMEWORKS]&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstJ9LpK3cHaWDxEeo2QXChXSUNnbZIjtlKlDAjM0l9A1GFKsFzNNC8ZS-zsP_NaDuIwMm7UsG8bK8zjLrdgiahWBZ2cBExpDmagnKKm4c6PkMn9BRx48kLsRVkpNv2dKRr1EK5IwDIUuwJW5ABY2fxMIA&sig=Cg0ArKJSzD3NucuHPGlTEAE&uach_m=[UACH]&urlfix=1&vt=13&adurl=&bundleId=[BUNDLEID]&ias_xappb=%%TTD_SITE%%&mode=strict&mon=59213338&redirectedRetries=0&vastVersion=2&xmapp=0&xmtp=v&xsId=e319f736-1799-4338-b23e-46f344de5046&adsafe_par=&logTestResults=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.208.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-208-149.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 75dbdb37e79ca1ed66ea999293551621861caacad4ee10b516a517d2389f6e52

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/category/videos/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:44 GMT
content-encoding: gzip
x-server-name: app02.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: application/javascript;charset=utf-8
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 6CC5 80 KB
21 KB 7ms
7ms Script
application/javascript 2600:9000:2156:8000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: threatpost.com
URL: https://threatpost.com/category/videos/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:8000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 08:08:31 GMT
content-encoding: gzip
age: 6603494
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: B0GxZKqNeZtJ9k9ooeSVgO3p9lfdRDv8MVW_IyYMZ1T-dpCSEWXU9g==

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/26872614139985920/ Frame CA29 55 KB
15 KB 15ms
15ms Document
text/html 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/26872614139985920/index.html?e=69&leftOffset=0&topOffset=0&c=fZGp3Twssz&t=1&renderingType=2

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52805abb330df5107936a0e751608ae26d61201e1972c1603f7e30c85607fcbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
date: Thu, 16 Dec 2021 18:26:44 GMT
expires: Fri, 16 Dec 2022 18:26:44 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 08 Sep 2021 14:57:48 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0C47 0
24 B 57ms
57ms Ping
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstmxI6EBt2TPLXqO2SPSAFUMGiFvInwPnBb2QnOXkwZnQnpAsBXH2UR6kMrIZpLJhBOoja4yXd-nkchWQvrM2caH33e3hgM7RTFx8k1Je9VCOR_t2xPwxNto6Xt6ACHVLGr-U1HkMvFAO6SmeqrsLpfHuWP6DyXY_F3ZdusgpApm-ybdmHv8RWWfaxtTOdA-pOKZjeRYE5z6eec8RKmLTLzvCuesMKpKGKu-gAjP_OIUUc2ERv7RcdpKvCQsrUAzpkZNiDDGl80nJ8djGKh8B0yAJnvjn0m07T4zd4gDHWxhu_AN_WgHcFZNojUNtAk3cl97rlYr8y9f2SkY4dCzfFtq7UB7gq3_DyHvcH0cBJre2Sf5ghTP994gF3bplMvPFqkw8nKtRGdoXw8d5dFIfHXi0-jFqPZM5Ha1A1vfTQOms5iKalZoVhhPWpxPe7cSu_TwLS7sJOpsSHrUsglXYN8jeu2XH9HlbU9qG8e0_wrFxa3LBg3pC9sBCHyXjLgCAUqbEO4D1YZc5vLYlDcngeAxfy7UmauWaoLraX-MudNqKi8s2yl06rhtijnUJbY_scFDTDHKU-bRENIeIf1Pv6eztFBXAXalvAM12_qBUlON3mHL_12_AQsftEXvfs3OYeibKM5Q2gZ-iSKXvq3Me6LOcivbgSAZPclAtOUdaPPdM47JrWH07TqU3ENSZ111Hp4jP-pBaw2IV9LbgNbtCyNJ7R0yqWqEmisLGuHo4O5rhxKWhStPQffMTF83wODLTA7a_afzh2SLxf7Y5SxwEHXt8YxG7d4etBxf-BwwmIZRaMzWBaM2at-v-E8KZzXZnEA6nkL1G18WlW1vPXNDkcX9C7Cv203ooF1_coBa1xAUxONGJgINMgNqM3NHdajhIr4LI3Xe-u-xhZm-1FFWB-12HRlbXJoO7ASY2Lp4VPsvpD0tddSiUoEACTH3AUUeDB9aUAkgRJYeT4WX0r8t5oazXIIM4eZmdtqPjQJHrTbpXWMtGx8emy3InZgR-NdotcwCncwwBXH-u7pYZfFEex_479i4FaINYup5OoT_yzJ53kZLir5Fg8PXoS1yUWIa8hyxLzunAN5U36-yWnOSqR01TSBWLSyqHvfZfVJfi_NAspqm1meY_lonPCvd0TLvf-pFPSbzgarMW-xDik8RYKQtd3FqyeqbXla_rDRvS8&sai=AMfl-YTqypkgTYQaIJNu75Zum5DqEf0VnJMh4a_8qnogWhZl_Avy9Vb-CUmYWsOSRKq8RYxdfQHz6YmolOtjUZZcQLy8MybRwboH6VA4EkwCG_PobDT-xbWlQrTo9tw0NP7lvYcr-W6bg5f7KC8X5qG4dK-Wwou2u-J7zo_RxMQ&sig=Cg0ArKJSzDoocc-yKv7yEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=328&cbvp=1&cstd=309&cisv=r20211207.98815&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: threatpost.com
URL: https://threatpost.com/category/videos/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Thu, 16 Dec 2021 18:26:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 0C47 43 B
946 B 65ms
20ms Image
image/gif 213.202.235.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extCa=717&extTcm=de.06r.dv360|2021-12.adbundle.dynamicadmargin.000006

Requested by

Host: threatpost.com
URL: https://threatpost.com/category/videos/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

213.202.235.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
Pragma: no-cache
X-ET-Code: 0
Last-Modified: Do, 16 Dez 2021 06:26:44 GMT
Server: Microsoft-IIS/8.5
Date: Thu, 16 Dec 2021 18:26:44 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 717
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 1.js Show response
s.d3sv.net/adsrv/lib/adlib/ Frame A162 3 KB
1021 B 17ms
17ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://s.d3sv.net/adsrv/lib/adlib/1.js
Requested by: Host: s.d3sv.net
URL: https://s.d3sv.net/ops/consors_bank/dyn_text_flight4/V1/wettbewerber/300x250/index.html?motive=einsteiger10&clickTag=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsvlWDQ74VjJzBY3nPnq1iK-p7KIwMvnhe7bVKy18k5dPeOyQe5e3GNNMWy7V23YmVCg2mWEfYwf6FsBVTPoQFDg8imGGM_saqOONx1ys-kUetVYkuAnfFjcsq_Wtthczp1qvpEoIuZSmlHWKZsK50HlUKO1hRPRSnTF0M3RSvhGBH7RGUskgB_0A6ezdRb6Eli9PUYV6sdQMD3Fxri1kRVjNZrz0Ui-KOHVb18H_oKZ0tFwFY0-jJePSNaRnrAIgN149COIboFhDsfOM9av-C2p-7lgO-qOHFF4rYix-dkwHCyRdUmBjgvqioRK78n4FaOtc1e23_Un756Q147k6N2rUDSGBwEpS4zLAGARMsS_S6lgKzxFmmz_6TSKrA7E4ftEc9mv3AxT02sWiLJbDAz3cFRSP-zCzA6RdV9oJ_xIuIffMe2MU6-ODQp_n11cQQvNZg2ynGyL3bFy0kHunvqmEwcby_Zqic_KWYJ-YPYaNxvQCd4HLAzzHcbFhBXFaYiIIDoWXehl4AjvdngBZivEJEA98fLeHQgIE2o7I847rpuYTC1fK9QiYc5kj-NWRkAp_SR7rzT5LHBuvsH3d2FcZKrSZLUtxdzIKg51jofdlhYxK2RyFuDfLC4KGBEy9-7F3TMljqSTyVlfPeJAsJWIDjF37tGwhpJN5Ysecu7lOCHQwL1i_4wnz8u9x4G-mu8XzseFfNF758xdr_7wd35wjJMPQmMyl7D5Qc3TJgWENrg1dbFe9yTQ6pfQUzgMmOMJSozaLD4M2_XqsiPQACnFEZggcPlu6pEBtCqrECiq-DODvtdJ-TguaDKOYmhgkxoigx_crAA_8Jd4Lw-xdIjFDAdRriP49l4Je92tQhslicIO0PFME36Od73UExT-ezrGwRNnh1vNT-Po4e575pOF8MkS57ddpj1QD5Mq_2bKfpwdg8XHqVQk7u3AXzT_o81rLRIKaGiQG5Zc8g0HhNp7QpekN-Pqwt4lvlEU2-fmwfrVAjaoqX6vBGNH09Z2iUcru2WSY79WpRp2gw6oVwEEaepHILG_1EWhGX6QDTSSq2F4ZovrHnZ7giSzNNgfporq4QyfqfsblAvvtXmtURlk0gacQ2I3t2ihZ3kXluXCVueF%26sai%3DAMfl-YRsNIz00b83sa0p8d7y3J5i43YSTzkwOydbLPxt_jUZDMJUPfMosoTNwNqICVwX9GtlHlcoQAdItSGjfokjOejjogt8C6LVMKtHochag5q_NqTKs_t67irLgegWGcpAQlkw2BIqiuL6iOi7y_uxDhPyfuKbSV_kz3x4ps1jWMLC5P2O_w%26sig%3DCg0ArKJSzAc9oPKMTYSKEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&ct=DE&st=&city=6271&dma=0&zp=21029&bw=1&adId=515023622&advId=4768038&campId=26257572&crId=162885806&cb=1898993650&exitPrefix=exit-&3p=1&width=300&height=250&env=dcm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 704cf19dd688b0b00c19faf54b2ebb8833de2ec463e1a93c1aabd45d3974d91f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.d3sv.net/ops/consors_bank/dyn_text_flight4/V1/wettbewerber/300x250/index.html?motive=einsteiger10&clickTag=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsvlWDQ74VjJzBY3nPnq1iK-p7KIwMvnhe7bVKy18k5dPeOyQe5e3GNNMWy7V23YmVCg2mWEfYwf6FsBVTPoQFDg8imGGM_saqOONx1ys-kUetVYkuAnfFjcsq_Wtthczp1qvpEoIuZSmlHWKZsK50HlUKO1hRPRSnTF0M3RSvhGBH7RGUskgB_0A6ezdRb6Eli9PUYV6sdQMD3Fxri1kRVjNZrz0Ui-KOHVb18H_oKZ0tFwFY0-jJePSNaRnrAIgN149COIboFhDsfOM9av-C2p-7lgO-qOHFF4rYix-dkwHCyRdUmBjgvqioRK78n4FaOtc1e23_Un756Q147k6N2rUDSGBwEpS4zLAGARMsS_S6lgKzxFmmz_6TSKrA7E4ftEc9mv3AxT02sWiLJbDAz3cFRSP-zCzA6RdV9oJ_xIuIffMe2MU6-ODQp_n11cQQvNZg2ynGyL3bFy0kHunvqmEwcby_Zqic_KWYJ-YPYaNxvQCd4HLAzzHcbFhBXFaYiIIDoWXehl4AjvdngBZivEJEA98fLeHQgIE2o7I847rpuYTC1fK9QiYc5kj-NWRkAp_SR7rzT5LHBuvsH3d2FcZKrSZLUtxdzIKg51jofdlhYxK2RyFuDfLC4KGBEy9-7F3TMljqSTyVlfPeJAsJWIDjF37tGwhpJN5Ysecu7lOCHQwL1i_4wnz8u9x4G-mu8XzseFfNF758xdr_7wd35wjJMPQmMyl7D5Qc3TJgWENrg1dbFe9yTQ6pfQUzgMmOMJSozaLD4M2_XqsiPQACnFEZggcPlu6pEBtCqrECiq-DODvtdJ-TguaDKOYmhgkxoigx_crAA_8Jd4Lw-xdIjFDAdRriP49l4Je92tQhslicIO0PFME36Od73UExT-ezrGwRNnh1vNT-Po4e575pOF8MkS57ddpj1QD5Mq_2bKfpwdg8XHqVQk7u3AXzT_o81rLRIKaGiQG5Zc8g0HhNp7QpekN-Pqwt4lvlEU2-fmwfrVAjaoqX6vBGNH09Z2iUcru2WSY79WpRp2gw6oVwEEaepHILG_1EWhGX6QDTSSq2F4ZovrHnZ7giSzNNgfporq4QyfqfsblAvvtXmtURlk0gacQ2I3t2ihZ3kXluXCVueF%26sai%3DAMfl-YRsNIz00b83sa0p8d7y3J5i43YSTzkwOydbLPxt_jUZDMJUPfMosoTNwNqICVwX9GtlHlcoQAdItSGjfokjOejjogt8C6LVMKtHochag5q_NqTKs_t67irLgegWGcpAQlkw2BIqiuL6iOi7y_uxDhPyfuKbSV_kz3x4ps1jWMLC5P2O_w%26sig%3DCg0ArKJSzAc9oPKMTYSKEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&ct=DE&st=&city=6271&dma=0&zp=21029&bw=1&adId=515023622&advId=4768038&campId=26257572&crId=162885806&cb=1898993650&exitPrefix=exit-&3p=1&width=300&height=250&env=dcm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:44 GMT
content-encoding: gzip
last-modified: Mon, 06 Dec 2021 15:44:20 GMT
server: nginx
etag: "61ae2fd4-aa7"
x-hw: 1639679204.cds147.fr8.hn,1639679204.cds156.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 873

GET
H2 200 ProximaNova-Bold.woff2
s.d3sv.net/ops/consors_bank/dyn_text_flight4/V1/wettbewerber/300x250/ Frame A162 26 KB
26 KB 16ms
16ms Font
application/octet-stream 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://s.d3sv.net/ops/consors_bank/dyn_text_flight4/V1/wettbewerber/300x250/ProximaNova-Bold.woff2
Requested by: Host: s.d3sv.net
URL: https://s.d3sv.net/ops/consors_bank/dyn_text_flight4/V1/wettbewerber/300x250/index.html?motive=einsteiger10&clickTag=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsvlWDQ74VjJzBY3nPnq1iK-p7KIwMvnhe7bVKy18k5dPeOyQe5e3GNNMWy7V23YmVCg2mWEfYwf6FsBVTPoQFDg8imGGM_saqOONx1ys-kUetVYkuAnfFjcsq_Wtthczp1qvpEoIuZSmlHWKZsK50HlUKO1hRPRSnTF0M3RSvhGBH7RGUskgB_0A6ezdRb6Eli9PUYV6sdQMD3Fxri1kRVjNZrz0Ui-KOHVb18H_oKZ0tFwFY0-jJePSNaRnrAIgN149COIboFhDsfOM9av-C2p-7lgO-qOHFF4rYix-dkwHCyRdUmBjgvqioRK78n4FaOtc1e23_Un756Q147k6N2rUDSGBwEpS4zLAGARMsS_S6lgKzxFmmz_6TSKrA7E4ftEc9mv3AxT02sWiLJbDAz3cFRSP-zCzA6RdV9oJ_xIuIffMe2MU6-ODQp_n11cQQvNZg2ynGyL3bFy0kHunvqmEwcby_Zqic_KWYJ-YPYaNxvQCd4HLAzzHcbFhBXFaYiIIDoWXehl4AjvdngBZivEJEA98fLeHQgIE2o7I847rpuYTC1fK9QiYc5kj-NWRkAp_SR7rzT5LHBuvsH3d2FcZKrSZLUtxdzIKg51jofdlhYxK2RyFuDfLC4KGBEy9-7F3TMljqSTyVlfPeJAsJWIDjF37tGwhpJN5Ysecu7lOCHQwL1i_4wnz8u9x4G-mu8XzseFfNF758xdr_7wd35wjJMPQmMyl7D5Qc3TJgWENrg1dbFe9yTQ6pfQUzgMmOMJSozaLD4M2_XqsiPQACnFEZggcPlu6pEBtCqrECiq-DODvtdJ-TguaDKOYmhgkxoigx_crAA_8Jd4Lw-xdIjFDAdRriP49l4Je92tQhslicIO0PFME36Od73UExT-ezrGwRNnh1vNT-Po4e575pOF8MkS57ddpj1QD5Mq_2bKfpwdg8XHqVQk7u3AXzT_o81rLRIKaGiQG5Zc8g0HhNp7QpekN-Pqwt4lvlEU2-fmwfrVAjaoqX6vBGNH09Z2iUcru2WSY79WpRp2gw6oVwEEaepHILG_1EWhGX6QDTSSq2F4ZovrHnZ7giSzNNgfporq4QyfqfsblAvvtXmtURlk0gacQ2I3t2ihZ3kXluXCVueF%26sai%3DAMfl-YRsNIz00b83sa0p8d7y3J5i43YSTzkwOydbLPxt_jUZDMJUPfMosoTNwNqICVwX9GtlHlcoQAdItSGjfokjOejjogt8C6LVMKtHochag5q_NqTKs_t67irLgegWGcpAQlkw2BIqiuL6iOi7y_uxDhPyfuKbSV_kz3x4ps1jWMLC5P2O_w%26sig%3DCg0ArKJSzAc9oPKMTYSKEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&ct=DE&st=&city=6271&dma=0&zp=21029&bw=1&adId=515023622&advId=4768038&campId=26257572&crId=162885806&cb=1898993650&exitPrefix=exit-&3p=1&width=300&height=250&env=dcm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: c623c1bfe44fceb2a26d2d81ebb725e2475fa2037b6401548fa830c13ff100ea

Request headers

Referer: https://s.d3sv.net/ops/consors_bank/dyn_text_flight4/V1/wettbewerber/300x250/index.html?motive=einsteiger10&clickTag=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsvlWDQ74VjJzBY3nPnq1iK-p7KIwMvnhe7bVKy18k5dPeOyQe5e3GNNMWy7V23YmVCg2mWEfYwf6FsBVTPoQFDg8imGGM_saqOONx1ys-kUetVYkuAnfFjcsq_Wtthczp1qvpEoIuZSmlHWKZsK50HlUKO1hRPRSnTF0M3RSvhGBH7RGUskgB_0A6ezdRb6Eli9PUYV6sdQMD3Fxri1kRVjNZrz0Ui-KOHVb18H_oKZ0tFwFY0-jJePSNaRnrAIgN149COIboFhDsfOM9av-C2p-7lgO-qOHFF4rYix-dkwHCyRdUmBjgvqioRK78n4FaOtc1e23_Un756Q147k6N2rUDSGBwEpS4zLAGARMsS_S6lgKzxFmmz_6TSKrA7E4ftEc9mv3AxT02sWiLJbDAz3cFRSP-zCzA6RdV9oJ_xIuIffMe2MU6-ODQp_n11cQQvNZg2ynGyL3bFy0kHunvqmEwcby_Zqic_KWYJ-YPYaNxvQCd4HLAzzHcbFhBXFaYiIIDoWXehl4AjvdngBZivEJEA98fLeHQgIE2o7I847rpuYTC1fK9QiYc5kj-NWRkAp_SR7rzT5LHBuvsH3d2FcZKrSZLUtxdzIKg51jofdlhYxK2RyFuDfLC4KGBEy9-7F3TMljqSTyVlfPeJAsJWIDjF37tGwhpJN5Ysecu7lOCHQwL1i_4wnz8u9x4G-mu8XzseFfNF758xdr_7wd35wjJMPQmMyl7D5Qc3TJgWENrg1dbFe9yTQ6pfQUzgMmOMJSozaLD4M2_XqsiPQACnFEZggcPlu6pEBtCqrECiq-DODvtdJ-TguaDKOYmhgkxoigx_crAA_8Jd4Lw-xdIjFDAdRriP49l4Je92tQhslicIO0PFME36Od73UExT-ezrGwRNnh1vNT-Po4e575pOF8MkS57ddpj1QD5Mq_2bKfpwdg8XHqVQk7u3AXzT_o81rLRIKaGiQG5Zc8g0HhNp7QpekN-Pqwt4lvlEU2-fmwfrVAjaoqX6vBGNH09Z2iUcru2WSY79WpRp2gw6oVwEEaepHILG_1EWhGX6QDTSSq2F4ZovrHnZ7giSzNNgfporq4QyfqfsblAvvtXmtURlk0gacQ2I3t2ihZ3kXluXCVueF%26sai%3DAMfl-YRsNIz00b83sa0p8d7y3J5i43YSTzkwOydbLPxt_jUZDMJUPfMosoTNwNqICVwX9GtlHlcoQAdItSGjfokjOejjogt8C6LVMKtHochag5q_NqTKs_t67irLgegWGcpAQlkw2BIqiuL6iOi7y_uxDhPyfuKbSV_kz3x4ps1jWMLC5P2O_w%26sig%3DCg0ArKJSzAc9oPKMTYSKEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&ct=DE&st=&city=6271&dma=0&zp=21029&bw=1&adId=515023622&advId=4768038&campId=26257572&crId=162885806&cb=1898993650&exitPrefix=exit-&3p=1&width=300&height=250&env=dcm
Origin: https://s.d3sv.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:44 GMT
last-modified: Mon, 06 Dec 2021 12:39:04 GMT
server: nginx
etag: "61ae0468-6724"
x-hw: 1639679204.cds147.fr8.hn,1639679204.cds284.fr8.c
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 26404

GET
H2 200 ProximaNova-Regular.woff2
s.d3sv.net/ops/consors_bank/dyn_text_flight4/V1/wettbewerber/300x250/ Frame A162 26 KB
26 KB 17ms
17ms Font
application/octet-stream 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://s.d3sv.net/ops/consors_bank/dyn_text_flight4/V1/wettbewerber/300x250/ProximaNova-Regular.woff2
Requested by: Host: s.d3sv.net
URL: https://s.d3sv.net/ops/consors_bank/dyn_text_flight4/V1/wettbewerber/300x250/index.html?motive=einsteiger10&clickTag=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsvlWDQ74VjJzBY3nPnq1iK-p7KIwMvnhe7bVKy18k5dPeOyQe5e3GNNMWy7V23YmVCg2mWEfYwf6FsBVTPoQFDg8imGGM_saqOONx1ys-kUetVYkuAnfFjcsq_Wtthczp1qvpEoIuZSmlHWKZsK50HlUKO1hRPRSnTF0M3RSvhGBH7RGUskgB_0A6ezdRb6Eli9PUYV6sdQMD3Fxri1kRVjNZrz0Ui-KOHVb18H_oKZ0tFwFY0-jJePSNaRnrAIgN149COIboFhDsfOM9av-C2p-7lgO-qOHFF4rYix-dkwHCyRdUmBjgvqioRK78n4FaOtc1e23_Un756Q147k6N2rUDSGBwEpS4zLAGARMsS_S6lgKzxFmmz_6TSKrA7E4ftEc9mv3AxT02sWiLJbDAz3cFRSP-zCzA6RdV9oJ_xIuIffMe2MU6-ODQp_n11cQQvNZg2ynGyL3bFy0kHunvqmEwcby_Zqic_KWYJ-YPYaNxvQCd4HLAzzHcbFhBXFaYiIIDoWXehl4AjvdngBZivEJEA98fLeHQgIE2o7I847rpuYTC1fK9QiYc5kj-NWRkAp_SR7rzT5LHBuvsH3d2FcZKrSZLUtxdzIKg51jofdlhYxK2RyFuDfLC4KGBEy9-7F3TMljqSTyVlfPeJAsJWIDjF37tGwhpJN5Ysecu7lOCHQwL1i_4wnz8u9x4G-mu8XzseFfNF758xdr_7wd35wjJMPQmMyl7D5Qc3TJgWENrg1dbFe9yTQ6pfQUzgMmOMJSozaLD4M2_XqsiPQACnFEZggcPlu6pEBtCqrECiq-DODvtdJ-TguaDKOYmhgkxoigx_crAA_8Jd4Lw-xdIjFDAdRriP49l4Je92tQhslicIO0PFME36Od73UExT-ezrGwRNnh1vNT-Po4e575pOF8MkS57ddpj1QD5Mq_2bKfpwdg8XHqVQk7u3AXzT_o81rLRIKaGiQG5Zc8g0HhNp7QpekN-Pqwt4lvlEU2-fmwfrVAjaoqX6vBGNH09Z2iUcru2WSY79WpRp2gw6oVwEEaepHILG_1EWhGX6QDTSSq2F4ZovrHnZ7giSzNNgfporq4QyfqfsblAvvtXmtURlk0gacQ2I3t2ihZ3kXluXCVueF%26sai%3DAMfl-YRsNIz00b83sa0p8d7y3J5i43YSTzkwOydbLPxt_jUZDMJUPfMosoTNwNqICVwX9GtlHlcoQAdItSGjfokjOejjogt8C6LVMKtHochag5q_NqTKs_t67irLgegWGcpAQlkw2BIqiuL6iOi7y_uxDhPyfuKbSV_kz3x4ps1jWMLC5P2O_w%26sig%3DCg0ArKJSzAc9oPKMTYSKEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&ct=DE&st=&city=6271&dma=0&zp=21029&bw=1&adId=515023622&advId=4768038&campId=26257572&crId=162885806&cb=1898993650&exitPrefix=exit-&3p=1&width=300&height=250&env=dcm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 8142565934796eda886ac19cca5493d92d1470793c3315509b32cb37aa96dd20

Request headers

Referer: https://s.d3sv.net/ops/consors_bank/dyn_text_flight4/V1/wettbewerber/300x250/index.html?motive=einsteiger10&clickTag=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsvlWDQ74VjJzBY3nPnq1iK-p7KIwMvnhe7bVKy18k5dPeOyQe5e3GNNMWy7V23YmVCg2mWEfYwf6FsBVTPoQFDg8imGGM_saqOONx1ys-kUetVYkuAnfFjcsq_Wtthczp1qvpEoIuZSmlHWKZsK50HlUKO1hRPRSnTF0M3RSvhGBH7RGUskgB_0A6ezdRb6Eli9PUYV6sdQMD3Fxri1kRVjNZrz0Ui-KOHVb18H_oKZ0tFwFY0-jJePSNaRnrAIgN149COIboFhDsfOM9av-C2p-7lgO-qOHFF4rYix-dkwHCyRdUmBjgvqioRK78n4FaOtc1e23_Un756Q147k6N2rUDSGBwEpS4zLAGARMsS_S6lgKzxFmmz_6TSKrA7E4ftEc9mv3AxT02sWiLJbDAz3cFRSP-zCzA6RdV9oJ_xIuIffMe2MU6-ODQp_n11cQQvNZg2ynGyL3bFy0kHunvqmEwcby_Zqic_KWYJ-YPYaNxvQCd4HLAzzHcbFhBXFaYiIIDoWXehl4AjvdngBZivEJEA98fLeHQgIE2o7I847rpuYTC1fK9QiYc5kj-NWRkAp_SR7rzT5LHBuvsH3d2FcZKrSZLUtxdzIKg51jofdlhYxK2RyFuDfLC4KGBEy9-7F3TMljqSTyVlfPeJAsJWIDjF37tGwhpJN5Ysecu7lOCHQwL1i_4wnz8u9x4G-mu8XzseFfNF758xdr_7wd35wjJMPQmMyl7D5Qc3TJgWENrg1dbFe9yTQ6pfQUzgMmOMJSozaLD4M2_XqsiPQACnFEZggcPlu6pEBtCqrECiq-DODvtdJ-TguaDKOYmhgkxoigx_crAA_8Jd4Lw-xdIjFDAdRriP49l4Je92tQhslicIO0PFME36Od73UExT-ezrGwRNnh1vNT-Po4e575pOF8MkS57ddpj1QD5Mq_2bKfpwdg8XHqVQk7u3AXzT_o81rLRIKaGiQG5Zc8g0HhNp7QpekN-Pqwt4lvlEU2-fmwfrVAjaoqX6vBGNH09Z2iUcru2WSY79WpRp2gw6oVwEEaepHILG_1EWhGX6QDTSSq2F4ZovrHnZ7giSzNNgfporq4QyfqfsblAvvtXmtURlk0gacQ2I3t2ihZ3kXluXCVueF%26sai%3DAMfl-YRsNIz00b83sa0p8d7y3J5i43YSTzkwOydbLPxt_jUZDMJUPfMosoTNwNqICVwX9GtlHlcoQAdItSGjfokjOejjogt8C6LVMKtHochag5q_NqTKs_t67irLgegWGcpAQlkw2BIqiuL6iOi7y_uxDhPyfuKbSV_kz3x4ps1jWMLC5P2O_w%26sig%3DCg0ArKJSzAc9oPKMTYSKEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&ct=DE&st=&city=6271&dma=0&zp=21029&bw=1&adId=515023622&advId=4768038&campId=26257572&crId=162885806&cb=1898993650&exitPrefix=exit-&3p=1&width=300&height=250&env=dcm
Origin: https://s.d3sv.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:44 GMT
last-modified: Mon, 06 Dec 2021 12:39:04 GMT
server: nginx
etag: "61ae0468-684c"
x-hw: 1639679204.cds147.fr8.hn,1639679204.cds202.fr8.c
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 26700

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
216 B 551ms
183ms Image
image/gif 44.241.140.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=906389&asId=fa0febc7-2b6d-3754-8fa2-618c4f59d0b9&tv=%7Bc:wZa3vr,pingTime:-2,time:219,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:3151,beZ:3152,mfA:3153,cmA:3155,inA:3155,inZ:3160,prA:3160,prZ:3173,si:3178,poA:3179,poZ:3203,cmZ:3203,mfZ:3203,loA:3313,loZ:3315,ltA:3370,ltZ:3370%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:400.225,dom:body%7D%7D,env:%7Bgca:false,cca:true,ccd:%7Bversion:1,uspString:1---%7D,gca2:true,gcd2:%7Bappl:0,cnst:na%7D%7D,clog:%5B%7Bpiv:100,vs:o,r:v,w:400,h:225,t:27%7D%5D,ve:%7BvEventCount:1,vEvents:%5B%7Bt:-378,tp:adLoaded,sl:o,ad_duration:30,width:400,height:225,volume:0%7D%5D%7D,vv:3.7.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:220,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:1199.974.400.225,am:v,cc:1199.974.400.225,piv:100,obst:0,th:0,reas:v,bkn:%7Bpiv:%5B213~100%5D,as:%5B213~400.225%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:fwjsvid,dtt:0,fm:sRMyQ0K+11%7C12%7C13%7C1411%7C142%7C143%7C144%7C145%7C146%7C1471%7C148%7C15%7C161%7C17%7C181%7C19%7C1a1%7C1b%7C1c%7C1d*.906389-59213328%7C1d1%7C1d2%7C1e1%7C1e21%7C1f1%7C1f2%7C1g1%7C1h11,idMap:1d*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:env,slid:%5Bcnx-ad-slot-e790d79f-a501-4cb8-a0a3-44045d8bcbf4,cnx_bid_slot_eb3db65c-11eb-48df-99f2-a11c47801cea%5D,sinceFw:190,readyFired:true%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.241.140.107 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-241-140-107.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:44 GMT
x-server-name: dt02.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 3807 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 15:05:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12076
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Dec 2022 15:05:28 GMT

GET
DATA 200
OK truncated
/ Frame 3807 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5425ed2b85d5ecddcde692cb793d930b2acc3a50dce1bb2541e89fc232307878

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 0902
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7042368557124876440

42 B
367 B

13ms
12ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7042368557124876440
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 16 Dec 2021 18:26:43 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: amspug015:0:393
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Server: nginx
Date: Thu, 16 Dec 2021 18:26:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7042368557124876440

GET
H2

200

Artemis
aud.pubmatic.com/AdServer/ Frame BA1C
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=1520C0B0-4915-482E-8EDE-84F1E7A611CA&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=1520C0B0-4915-482E-8EDE-84F1E7A611CA&gdpr=&fbounce=1
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=1520C0B0-4915-482E-8EDE-84F1E7A611CA&addseg=19,36,42

43 B
43 B

89ms
26ms

Image
text/plain

185.64.190.87
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=1520C0B0-4915-482E-8EDE-84F1E7A611CA&addseg=19,36,42
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.190.87 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:44 GMT
content-length: 43
content-type: text/plain; charset=utf-8

Redirect headers

date: Thu, 16 Dec 2021 18:26:44 GMT
via: 1.1 google
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=1520C0B0-4915-482E-8EDE-84F1E7A611CA&addseg=19,36,42
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: text/html; charset=utf-8
alt-svc: clear
content-length: 141

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame BA1C
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=1520C0B0-4915-482E-8EDE-84F1E7A611CA&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=1520C0B0-4915-482E-8EDE-84F1E7A611CA&sInitiator=external&gdpr=0&gdpr_consent=

42 B
603 B

29ms
26ms

Image
image/gif

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=1520C0B0-4915-482E-8EDE-84F1E7A611CA&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Server: 77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:42 GMT
frontend-id: 6
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:42 GMT
frontend-id: 15
location: /pubmatic/1/info2?sType=sync&sExtCookieId=1520C0B0-4915-482E-8EDE-84F1E7A611CA&sInitiator=external&gdpr=0&gdpr_consent=
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H2 200 mw
mwzeom.zeotap.com/ Frame BA1C 95 B
456 B 40ms
20ms Image
image/png 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=1520C0B0-4915-482E-8EDE-84F1E7A611CA
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:44 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 6be9f6348f895363-FRA
access-control-allow-headers: *
content-length: 95

GET
H/1.1

200

p
a.audrte.com/ Frame BA1C
Redirect Chain

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=1520C0B0-4915-482E-8EDE-84F1E7A611CA
https://a.audrte.com/p

68 B
617 B

103ms
102ms

Image
image/png

3.225.222.206
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Server: 3.225.222.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-222-206.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 18:26:45 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Thu, 16 Dec 2021 18:26:44 GMT
Server: nginx/1.18.0
Access-Control-Allow-Origin: *
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame BA1C
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=81af1dac-941a-4a28-8cd7-842422c9914d

42 B
292 B

14ms
13ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=81af1dac-941a-4a28-8cd7-842422c9914d
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:43 GMT
cache-control: no-store, no-cache, private
x-lat: amspug010:0:375
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:44 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=81af1dac-941a-4a28-8cd7-842422c9914d
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame BA1C
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2929780910311444289

42 B
389 B

14ms
13ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2929780910311444289
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:44 GMT
cache-control: no-store, no-cache, private
x-lat: amspug004:0:349
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:44 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2929780910311444289
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame BA1C
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3343957620543684404&gdpr=0&gdpr_consent=

42 B
366 B

13ms
13ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3343957620543684404&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:42 GMT
cache-control: no-store, no-cache, private
x-lat: amspug008:0:577
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 18:26:44 GMT
X-Proxy-Origin: 136.243.198.81; 136.243.198.81; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 3ff87bb2-6d79-42af-a94d-13c43b30380f
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3343957620543684404&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame BA1C
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=0DwEY945AmfLaQU21jVLYNFvUzXLaQMy1zREmXdA

42 B
488 B

14ms
12ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=0DwEY945AmfLaQU21jVLYNFvUzXLaQMy1zREmXdA
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:43 GMT
cache-control: no-store, no-cache, private
x-lat: amspug013:0:397
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:44 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=0DwEY945AmfLaQU21jVLYNFvUzXLaQMy1zREmXdA
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame BA1C
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=1520C0B0-4915-482E-8EDE-84F1E7A611CA&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-.tnAb_9E2uWkxI73Sgt3s1.LInRB3Jw-~A&gdpr=0&gdpr_consent=

0
128 B

15ms
13ms

Image
text/plain

198.47.127.20
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-.tnAb_9E2uWkxI73Sgt3s1.LInRB3Jw-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Protocol: H2
Server: 198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:43 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-.tnAb_9E2uWkxI73Sgt3s1.LInRB3Jw-~A&gdpr=0&gdpr_consent=
date: Thu, 16 Dec 2021 18:26:44 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame AD0C
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YbuE48FpMdYRks-S89acmwAABIkAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YbuE48FpMdYRks-S89acmwAABIkAAAAB&dcc=t

43 B
645 B

108ms
107ms

Image
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YbuE48FpMdYRks-S89acmwAABIkAAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 18:26:44 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: D1K6KKSW511NR5KC8D1W
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 18:26:44 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 4RDNT3BH0Y9TY6HMXV1T
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YbuE48FpMdYRks-S89acmwAABIkAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame AD0C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YbuE48FpMdYRks-S89acmwAABIkAAAAB&gdpr_consent=&us_privacy=&gdpr=1
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENn4RGneShp1yoyf9x4cCt8&google_cver=1

43 B
315 B

13ms
12ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENn4RGneShp1yoyf9x4cCt8&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 18:26:44 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Thu, 16 Dec 2021 18:26:44 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENn4RGneShp1yoyf9x4cCt8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame AD0C 70 B
264 B 40ms
38ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:44 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 YbuE48FpMdYRks-S89acmwAABIkAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame AD0C 43 B
876 B 106ms
41ms Image
image/gif 2a05:d018:d29:3602:7523:c0c8:9412:6c81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YbuE48FpMdYRks-S89acmwAABIkAAAAB?gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:7523:c0c8:9412:6c81 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:44 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H/1.1 400
Request failed due to privacy signals getuid
secure.adnxs.com/ Frame AD0C 0
0 28ms
12ms Image
text/html 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame AD0C 43 B
220 B 41ms
8ms Image
image/gif 3.126.38.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.126.38.41 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-38-41.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 18:26:44 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame AD0C
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YbuE5gAMZSbHvQAz
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YbuE5gAMZSbHvQAz&gdpr=1&_test=YbuE5gAMZSbHvQAz

43 B
1 KB

17ms
17ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YbuE5gAMZSbHvQAz&gdpr=1&_test=YbuE5gAMZSbHvQAz
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 18:26:46 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 16 Dec 2021 18:26:46 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:46 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1639679206.424463,VS0,VE0
x-served-by: cache-fra19150-FRA
x-cache: HIT
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YbuE5gAMZSbHvQAz&gdpr=1&_test=YbuE5gAMZSbHvQAz
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame AD0C
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1642271204

43 B
1 KB

13ms
13ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1642271204
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 18:26:44 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 16 Dec 2021 18:26:44 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:44 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1642271204
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame AD0C 43 B
425 B 10ms
10ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YbuE48FpMdYRks.S89acmwAA%261161
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 18:26:44 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "902a3d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=2495
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 16 Dec 2021 19:08:19 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 29B4
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YbuE48FpMdYRks-S89acmwAABIkAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YbuE48FpMdYRks-S89acmwAABIkAAAAB&dcc=t

43 B
645 B

113ms
113ms

Image
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YbuE48FpMdYRks-S89acmwAABIkAAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 18:26:44 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 9H7MZ0J0VH0D64RV009N
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 18:26:44 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 86HT03H9VJF5Y30SC55W
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YbuE48FpMdYRks-S89acmwAABIkAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 29B4 70 B
264 B 32ms
32ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:44 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 29B4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YbuE48FpMdYRks-S89acmwAABIkAAAAB&gdpr_consent=&us_privacy=&gdpr=1
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENn4RGneShp1yoyf9x4cCt8&google_cver=1

43 B
315 B

14ms
13ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENn4RGneShp1yoyf9x4cCt8&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 18:26:44 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Thu, 16 Dec 2021 18:26:44 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENn4RGneShp1yoyf9x4cCt8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 400
Request failed due to privacy signals getuid
secure.adnxs.com/ Frame 29B4 0
0 27ms
12ms Image
text/html 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame 29B4 35 B
380 B 379ms
91ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

X-ServerName: Track003-dc3
Pragma: no-cache
Date: Thu, 16 Dec 2021 18:26:44 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H2 200 ix
ad4m.at/ad/sim/ Frame 29B4 0
0 53ms
26ms Image
text/html 2606:4700:3039::6815:c085
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4m.at/ad/sim/ix?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c085 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 29B4
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1642271204

43 B
1 KB

13ms
13ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1642271204
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 18:26:44 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 16 Dec 2021 18:26:44 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:43 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1642271204
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame 29B4 43 B
425 B 8ms
7ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YbuE48FpMdYRks.S89acmwAA%261161
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 18:26:44 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "902a3d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=2495
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 16 Dec 2021 19:08:19 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 0C47 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 15:05:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12076
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Dec 2022 15:05:28 GMT

GET
DATA 200
OK truncated
/ Frame 0C47 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca0b9ebf6f910e797bffd31429eb858b2424380437d9b628ac1c622001c069c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enabler_01_246.js Show response
s0.2mdn.net/879366/ Frame 4F9F 116 KB
39 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_246.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3797721627517517824/index.html?e=69&leftOffset=0&topOffset=0&c=pFZqVOsueb&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3797721627517517824/index.html?e=69&leftOffset=0&topOffset=0&c=pFZqVOsueb&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 15:13:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11571
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40237
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 17 Dec 2021 15:13:53 GMT

GET
H2

200

cs&eq_cc=1 Show response
um2.eqads.com/um/ Frame E93F
Redirect Chain

https://um2.eqads.com/um/cs
https://um2.eqads.com/um/cs&eq_cc=1

186 B
370 B

107ms
106ms

Document
text/html

54.174.249.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://um2.eqads.com/um/cs&eq_cc=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.249.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-249-39.compute-1.amazonaws.com
Software: /
Resource Hash: 80e71f1e8777c9885d3939f526aa204e26d7187549d0925cb9e3c2b05254cddb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/

Response headers

date: Thu, 16 Dec 2021 18:26:45 GMT
content-type: text/html; charset=utf-8
content-length: 186
cache-control: no-cache, must-revalidate
expires: Sat, 6 May 1995 12:00:00 GMT
last-modified: Thu, 16 Dec 2021 18:26:45 GMT
pragma: no-cache

Redirect headers

date: Thu, 16 Dec 2021 18:26:44 GMT
content-type: text/html; charset=utf-8
content-length: 41
location: /um/cs&eq_cc=1

GET
H3 200 Enabler_01_246.js Show response
s0.2mdn.net/879366/ Frame CA29 116 KB
39 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_246.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/26872614139985920/index.html?e=69&leftOffset=0&topOffset=0&c=fZGp3Twssz&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/26872614139985920/index.html?e=69&leftOffset=0&topOffset=0&c=fZGp3Twssz&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 15:13:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11571
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40237
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 17 Dec 2021 15:13:53 GMT

GET
H2 200 CTA_Hover.svg
s.d3sv.net/ops/consors_bank/dyn_text_flight4/V1/wettbewerber/300x250/ Frame A162 3 KB
1 KB 12ms
11ms Image
image/svg+xml 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.d3sv.net/ops/consors_bank/dyn_text_flight4/V1/wettbewerber/300x250/CTA_Hover.svg
Requested by: Host: s.d3sv.net
URL: https://s.d3sv.net/ops/consors_bank/dyn_text_flight4/V1/wettbewerber/300x250/index.html?motive=einsteiger10&clickTag=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsvlWDQ74VjJzBY3nPnq1iK-p7KIwMvnhe7bVKy18k5dPeOyQe5e3GNNMWy7V23YmVCg2mWEfYwf6FsBVTPoQFDg8imGGM_saqOONx1ys-kUetVYkuAnfFjcsq_Wtthczp1qvpEoIuZSmlHWKZsK50HlUKO1hRPRSnTF0M3RSvhGBH7RGUskgB_0A6ezdRb6Eli9PUYV6sdQMD3Fxri1kRVjNZrz0Ui-KOHVb18H_oKZ0tFwFY0-jJePSNaRnrAIgN149COIboFhDsfOM9av-C2p-7lgO-qOHFF4rYix-dkwHCyRdUmBjgvqioRK78n4FaOtc1e23_Un756Q147k6N2rUDSGBwEpS4zLAGARMsS_S6lgKzxFmmz_6TSKrA7E4ftEc9mv3AxT02sWiLJbDAz3cFRSP-zCzA6RdV9oJ_xIuIffMe2MU6-ODQp_n11cQQvNZg2ynGyL3bFy0kHunvqmEwcby_Zqic_KWYJ-YPYaNxvQCd4HLAzzHcbFhBXFaYiIIDoWXehl4AjvdngBZivEJEA98fLeHQgIE2o7I847rpuYTC1fK9QiYc5kj-NWRkAp_SR7rzT5LHBuvsH3d2FcZKrSZLUtxdzIKg51jofdlhYxK2RyFuDfLC4KGBEy9-7F3TMljqSTyVlfPeJAsJWIDjF37tGwhpJN5Ysecu7lOCHQwL1i_4wnz8u9x4G-mu8XzseFfNF758xdr_7wd35wjJMPQmMyl7D5Qc3TJgWENrg1dbFe9yTQ6pfQUzgMmOMJSozaLD4M2_XqsiPQACnFEZggcPlu6pEBtCqrECiq-DODvtdJ-TguaDKOYmhgkxoigx_crAA_8Jd4Lw-xdIjFDAdRriP49l4Je92tQhslicIO0PFME36Od73UExT-ezrGwRNnh1vNT-Po4e575pOF8MkS57ddpj1QD5Mq_2bKfpwdg8XHqVQk7u3AXzT_o81rLRIKaGiQG5Zc8g0HhNp7QpekN-Pqwt4lvlEU2-fmwfrVAjaoqX6vBGNH09Z2iUcru2WSY79WpRp2gw6oVwEEaepHILG_1EWhGX6QDTSSq2F4ZovrHnZ7giSzNNgfporq4QyfqfsblAvvtXmtURlk0gacQ2I3t2ihZ3kXluXCVueF%26sai%3DAMfl-YRsNIz00b83sa0p8d7y3J5i43YSTzkwOydbLPxt_jUZDMJUPfMosoTNwNqICVwX9GtlHlcoQAdItSGjfokjOejjogt8C6LVMKtHochag5q_NqTKs_t67irLgegWGcpAQlkw2BIqiuL6iOi7y_uxDhPyfuKbSV_kz3x4ps1jWMLC5P2O_w%26sig%3DCg0ArKJSzAc9oPKMTYSKEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&ct=DE&st=&city=6271&dma=0&zp=21029&bw=1&adId=515023622&advId=4768038&campId=26257572&crId=162885806&cb=1898993650&exitPrefix=exit-&3p=1&width=300&height=250&env=dcm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 3ed98137aec1709957cba1a42eb9d873dda2bd7a3d2028fe3bc12b84ddad97e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.d3sv.net/ops/consors_bank/dyn_text_flight4/V1/wettbewerber/300x250/index.html?motive=einsteiger10&clickTag=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsvlWDQ74VjJzBY3nPnq1iK-p7KIwMvnhe7bVKy18k5dPeOyQe5e3GNNMWy7V23YmVCg2mWEfYwf6FsBVTPoQFDg8imGGM_saqOONx1ys-kUetVYkuAnfFjcsq_Wtthczp1qvpEoIuZSmlHWKZsK50HlUKO1hRPRSnTF0M3RSvhGBH7RGUskgB_0A6ezdRb6Eli9PUYV6sdQMD3Fxri1kRVjNZrz0Ui-KOHVb18H_oKZ0tFwFY0-jJePSNaRnrAIgN149COIboFhDsfOM9av-C2p-7lgO-qOHFF4rYix-dkwHCyRdUmBjgvqioRK78n4FaOtc1e23_Un756Q147k6N2rUDSGBwEpS4zLAGARMsS_S6lgKzxFmmz_6TSKrA7E4ftEc9mv3AxT02sWiLJbDAz3cFRSP-zCzA6RdV9oJ_xIuIffMe2MU6-ODQp_n11cQQvNZg2ynGyL3bFy0kHunvqmEwcby_Zqic_KWYJ-YPYaNxvQCd4HLAzzHcbFhBXFaYiIIDoWXehl4AjvdngBZivEJEA98fLeHQgIE2o7I847rpuYTC1fK9QiYc5kj-NWRkAp_SR7rzT5LHBuvsH3d2FcZKrSZLUtxdzIKg51jofdlhYxK2RyFuDfLC4KGBEy9-7F3TMljqSTyVlfPeJAsJWIDjF37tGwhpJN5Ysecu7lOCHQwL1i_4wnz8u9x4G-mu8XzseFfNF758xdr_7wd35wjJMPQmMyl7D5Qc3TJgWENrg1dbFe9yTQ6pfQUzgMmOMJSozaLD4M2_XqsiPQACnFEZggcPlu6pEBtCqrECiq-DODvtdJ-TguaDKOYmhgkxoigx_crAA_8Jd4Lw-xdIjFDAdRriP49l4Je92tQhslicIO0PFME36Od73UExT-ezrGwRNnh1vNT-Po4e575pOF8MkS57ddpj1QD5Mq_2bKfpwdg8XHqVQk7u3AXzT_o81rLRIKaGiQG5Zc8g0HhNp7QpekN-Pqwt4lvlEU2-fmwfrVAjaoqX6vBGNH09Z2iUcru2WSY79WpRp2gw6oVwEEaepHILG_1EWhGX6QDTSSq2F4ZovrHnZ7giSzNNgfporq4QyfqfsblAvvtXmtURlk0gacQ2I3t2ihZ3kXluXCVueF%26sai%3DAMfl-YRsNIz00b83sa0p8d7y3J5i43YSTzkwOydbLPxt_jUZDMJUPfMosoTNwNqICVwX9GtlHlcoQAdItSGjfokjOejjogt8C6LVMKtHochag5q_NqTKs_t67irLgegWGcpAQlkw2BIqiuL6iOi7y_uxDhPyfuKbSV_kz3x4ps1jWMLC5P2O_w%26sig%3DCg0ArKJSzAc9oPKMTYSKEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&ct=DE&st=&city=6271&dma=0&zp=21029&bw=1&adId=515023622&advId=4768038&campId=26257572&crId=162885806&cb=1898993650&exitPrefix=exit-&3p=1&width=300&height=250&env=dcm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:44 GMT
content-encoding: gzip
last-modified: Mon, 06 Dec 2021 12:39:04 GMT
server: nginx
etag: "61ae0468-d20"
x-hw: 1639679204.cds147.fr8.hn,1639679204.cds011.fr8.c
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 1304

GET
H2 200 CTA.svg
s.d3sv.net/ops/consors_bank/dyn_text_flight4/V1/wettbewerber/300x250/ Frame A162 3 KB
1 KB 12ms
11ms Image
image/svg+xml 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.d3sv.net/ops/consors_bank/dyn_text_flight4/V1/wettbewerber/300x250/CTA.svg
Requested by: Host: s.d3sv.net
URL: https://s.d3sv.net/ops/consors_bank/dyn_text_flight4/V1/wettbewerber/300x250/index.html?motive=einsteiger10&clickTag=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsvlWDQ74VjJzBY3nPnq1iK-p7KIwMvnhe7bVKy18k5dPeOyQe5e3GNNMWy7V23YmVCg2mWEfYwf6FsBVTPoQFDg8imGGM_saqOONx1ys-kUetVYkuAnfFjcsq_Wtthczp1qvpEoIuZSmlHWKZsK50HlUKO1hRPRSnTF0M3RSvhGBH7RGUskgB_0A6ezdRb6Eli9PUYV6sdQMD3Fxri1kRVjNZrz0Ui-KOHVb18H_oKZ0tFwFY0-jJePSNaRnrAIgN149COIboFhDsfOM9av-C2p-7lgO-qOHFF4rYix-dkwHCyRdUmBjgvqioRK78n4FaOtc1e23_Un756Q147k6N2rUDSGBwEpS4zLAGARMsS_S6lgKzxFmmz_6TSKrA7E4ftEc9mv3AxT02sWiLJbDAz3cFRSP-zCzA6RdV9oJ_xIuIffMe2MU6-ODQp_n11cQQvNZg2ynGyL3bFy0kHunvqmEwcby_Zqic_KWYJ-YPYaNxvQCd4HLAzzHcbFhBXFaYiIIDoWXehl4AjvdngBZivEJEA98fLeHQgIE2o7I847rpuYTC1fK9QiYc5kj-NWRkAp_SR7rzT5LHBuvsH3d2FcZKrSZLUtxdzIKg51jofdlhYxK2RyFuDfLC4KGBEy9-7F3TMljqSTyVlfPeJAsJWIDjF37tGwhpJN5Ysecu7lOCHQwL1i_4wnz8u9x4G-mu8XzseFfNF758xdr_7wd35wjJMPQmMyl7D5Qc3TJgWENrg1dbFe9yTQ6pfQUzgMmOMJSozaLD4M2_XqsiPQACnFEZggcPlu6pEBtCqrECiq-DODvtdJ-TguaDKOYmhgkxoigx_crAA_8Jd4Lw-xdIjFDAdRriP49l4Je92tQhslicIO0PFME36Od73UExT-ezrGwRNnh1vNT-Po4e575pOF8MkS57ddpj1QD5Mq_2bKfpwdg8XHqVQk7u3AXzT_o81rLRIKaGiQG5Zc8g0HhNp7QpekN-Pqwt4lvlEU2-fmwfrVAjaoqX6vBGNH09Z2iUcru2WSY79WpRp2gw6oVwEEaepHILG_1EWhGX6QDTSSq2F4ZovrHnZ7giSzNNgfporq4QyfqfsblAvvtXmtURlk0gacQ2I3t2ihZ3kXluXCVueF%26sai%3DAMfl-YRsNIz00b83sa0p8d7y3J5i43YSTzkwOydbLPxt_jUZDMJUPfMosoTNwNqICVwX9GtlHlcoQAdItSGjfokjOejjogt8C6LVMKtHochag5q_NqTKs_t67irLgegWGcpAQlkw2BIqiuL6iOi7y_uxDhPyfuKbSV_kz3x4ps1jWMLC5P2O_w%26sig%3DCg0ArKJSzAc9oPKMTYSKEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&ct=DE&st=&city=6271&dma=0&zp=21029&bw=1&adId=515023622&advId=4768038&campId=26257572&crId=162885806&cb=1898993650&exitPrefix=exit-&3p=1&width=300&height=250&env=dcm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 66593a7318f71adfbffbecbcc79e7829c07e0405e3c1f768a4be19d32727f2f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.d3sv.net/ops/consors_bank/dyn_text_flight4/V1/wettbewerber/300x250/index.html?motive=einsteiger10&clickTag=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsvlWDQ74VjJzBY3nPnq1iK-p7KIwMvnhe7bVKy18k5dPeOyQe5e3GNNMWy7V23YmVCg2mWEfYwf6FsBVTPoQFDg8imGGM_saqOONx1ys-kUetVYkuAnfFjcsq_Wtthczp1qvpEoIuZSmlHWKZsK50HlUKO1hRPRSnTF0M3RSvhGBH7RGUskgB_0A6ezdRb6Eli9PUYV6sdQMD3Fxri1kRVjNZrz0Ui-KOHVb18H_oKZ0tFwFY0-jJePSNaRnrAIgN149COIboFhDsfOM9av-C2p-7lgO-qOHFF4rYix-dkwHCyRdUmBjgvqioRK78n4FaOtc1e23_Un756Q147k6N2rUDSGBwEpS4zLAGARMsS_S6lgKzxFmmz_6TSKrA7E4ftEc9mv3AxT02sWiLJbDAz3cFRSP-zCzA6RdV9oJ_xIuIffMe2MU6-ODQp_n11cQQvNZg2ynGyL3bFy0kHunvqmEwcby_Zqic_KWYJ-YPYaNxvQCd4HLAzzHcbFhBXFaYiIIDoWXehl4AjvdngBZivEJEA98fLeHQgIE2o7I847rpuYTC1fK9QiYc5kj-NWRkAp_SR7rzT5LHBuvsH3d2FcZKrSZLUtxdzIKg51jofdlhYxK2RyFuDfLC4KGBEy9-7F3TMljqSTyVlfPeJAsJWIDjF37tGwhpJN5Ysecu7lOCHQwL1i_4wnz8u9x4G-mu8XzseFfNF758xdr_7wd35wjJMPQmMyl7D5Qc3TJgWENrg1dbFe9yTQ6pfQUzgMmOMJSozaLD4M2_XqsiPQACnFEZggcPlu6pEBtCqrECiq-DODvtdJ-TguaDKOYmhgkxoigx_crAA_8Jd4Lw-xdIjFDAdRriP49l4Je92tQhslicIO0PFME36Od73UExT-ezrGwRNnh1vNT-Po4e575pOF8MkS57ddpj1QD5Mq_2bKfpwdg8XHqVQk7u3AXzT_o81rLRIKaGiQG5Zc8g0HhNp7QpekN-Pqwt4lvlEU2-fmwfrVAjaoqX6vBGNH09Z2iUcru2WSY79WpRp2gw6oVwEEaepHILG_1EWhGX6QDTSSq2F4ZovrHnZ7giSzNNgfporq4QyfqfsblAvvtXmtURlk0gacQ2I3t2ihZ3kXluXCVueF%26sai%3DAMfl-YRsNIz00b83sa0p8d7y3J5i43YSTzkwOydbLPxt_jUZDMJUPfMosoTNwNqICVwX9GtlHlcoQAdItSGjfokjOejjogt8C6LVMKtHochag5q_NqTKs_t67irLgegWGcpAQlkw2BIqiuL6iOi7y_uxDhPyfuKbSV_kz3x4ps1jWMLC5P2O_w%26sig%3DCg0ArKJSzAc9oPKMTYSKEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&ct=DE&st=&city=6271&dma=0&zp=21029&bw=1&adId=515023622&advId=4768038&campId=26257572&crId=162885806&cb=1898993650&exitPrefix=exit-&3p=1&width=300&height=250&env=dcm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:44 GMT
content-encoding: gzip
last-modified: Mon, 06 Dec 2021 12:39:03 GMT
server: nginx
etag: "61ae0467-d30"
x-hw: 1639679204.cds147.fr8.hn,1639679204.cds264.fr8.c
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 1311

GET
H2 200 Logo.svg
s.d3sv.net/ops/consors_bank/dyn_text_flight4/V1/wettbewerber/300x250/ Frame A162 37 KB
26 KB 13ms
13ms Image
image/svg+xml 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.d3sv.net/ops/consors_bank/dyn_text_flight4/V1/wettbewerber/300x250/Logo.svg
Requested by: Host: s.d3sv.net
URL: https://s.d3sv.net/ops/consors_bank/dyn_text_flight4/V1/wettbewerber/300x250/index.html?motive=einsteiger10&clickTag=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsvlWDQ74VjJzBY3nPnq1iK-p7KIwMvnhe7bVKy18k5dPeOyQe5e3GNNMWy7V23YmVCg2mWEfYwf6FsBVTPoQFDg8imGGM_saqOONx1ys-kUetVYkuAnfFjcsq_Wtthczp1qvpEoIuZSmlHWKZsK50HlUKO1hRPRSnTF0M3RSvhGBH7RGUskgB_0A6ezdRb6Eli9PUYV6sdQMD3Fxri1kRVjNZrz0Ui-KOHVb18H_oKZ0tFwFY0-jJePSNaRnrAIgN149COIboFhDsfOM9av-C2p-7lgO-qOHFF4rYix-dkwHCyRdUmBjgvqioRK78n4FaOtc1e23_Un756Q147k6N2rUDSGBwEpS4zLAGARMsS_S6lgKzxFmmz_6TSKrA7E4ftEc9mv3AxT02sWiLJbDAz3cFRSP-zCzA6RdV9oJ_xIuIffMe2MU6-ODQp_n11cQQvNZg2ynGyL3bFy0kHunvqmEwcby_Zqic_KWYJ-YPYaNxvQCd4HLAzzHcbFhBXFaYiIIDoWXehl4AjvdngBZivEJEA98fLeHQgIE2o7I847rpuYTC1fK9QiYc5kj-NWRkAp_SR7rzT5LHBuvsH3d2FcZKrSZLUtxdzIKg51jofdlhYxK2RyFuDfLC4KGBEy9-7F3TMljqSTyVlfPeJAsJWIDjF37tGwhpJN5Ysecu7lOCHQwL1i_4wnz8u9x4G-mu8XzseFfNF758xdr_7wd35wjJMPQmMyl7D5Qc3TJgWENrg1dbFe9yTQ6pfQUzgMmOMJSozaLD4M2_XqsiPQACnFEZggcPlu6pEBtCqrECiq-DODvtdJ-TguaDKOYmhgkxoigx_crAA_8Jd4Lw-xdIjFDAdRriP49l4Je92tQhslicIO0PFME36Od73UExT-ezrGwRNnh1vNT-Po4e575pOF8MkS57ddpj1QD5Mq_2bKfpwdg8XHqVQk7u3AXzT_o81rLRIKaGiQG5Zc8g0HhNp7QpekN-Pqwt4lvlEU2-fmwfrVAjaoqX6vBGNH09Z2iUcru2WSY79WpRp2gw6oVwEEaepHILG_1EWhGX6QDTSSq2F4ZovrHnZ7giSzNNgfporq4QyfqfsblAvvtXmtURlk0gacQ2I3t2ihZ3kXluXCVueF%26sai%3DAMfl-YRsNIz00b83sa0p8d7y3J5i43YSTzkwOydbLPxt_jUZDMJUPfMosoTNwNqICVwX9GtlHlcoQAdItSGjfokjOejjogt8C6LVMKtHochag5q_NqTKs_t67irLgegWGcpAQlkw2BIqiuL6iOi7y_uxDhPyfuKbSV_kz3x4ps1jWMLC5P2O_w%26sig%3DCg0ArKJSzAc9oPKMTYSKEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&ct=DE&st=&city=6271&dma=0&zp=21029&bw=1&adId=515023622&advId=4768038&campId=26257572&crId=162885806&cb=1898993650&exitPrefix=exit-&3p=1&width=300&height=250&env=dcm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 878de693fd93ef8ab6fff76a5da9e7ef9ff193c9395a3fd1eecc3edb4222db2c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.d3sv.net/ops/consors_bank/dyn_text_flight4/V1/wettbewerber/300x250/index.html?motive=einsteiger10&clickTag=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsvlWDQ74VjJzBY3nPnq1iK-p7KIwMvnhe7bVKy18k5dPeOyQe5e3GNNMWy7V23YmVCg2mWEfYwf6FsBVTPoQFDg8imGGM_saqOONx1ys-kUetVYkuAnfFjcsq_Wtthczp1qvpEoIuZSmlHWKZsK50HlUKO1hRPRSnTF0M3RSvhGBH7RGUskgB_0A6ezdRb6Eli9PUYV6sdQMD3Fxri1kRVjNZrz0Ui-KOHVb18H_oKZ0tFwFY0-jJePSNaRnrAIgN149COIboFhDsfOM9av-C2p-7lgO-qOHFF4rYix-dkwHCyRdUmBjgvqioRK78n4FaOtc1e23_Un756Q147k6N2rUDSGBwEpS4zLAGARMsS_S6lgKzxFmmz_6TSKrA7E4ftEc9mv3AxT02sWiLJbDAz3cFRSP-zCzA6RdV9oJ_xIuIffMe2MU6-ODQp_n11cQQvNZg2ynGyL3bFy0kHunvqmEwcby_Zqic_KWYJ-YPYaNxvQCd4HLAzzHcbFhBXFaYiIIDoWXehl4AjvdngBZivEJEA98fLeHQgIE2o7I847rpuYTC1fK9QiYc5kj-NWRkAp_SR7rzT5LHBuvsH3d2FcZKrSZLUtxdzIKg51jofdlhYxK2RyFuDfLC4KGBEy9-7F3TMljqSTyVlfPeJAsJWIDjF37tGwhpJN5Ysecu7lOCHQwL1i_4wnz8u9x4G-mu8XzseFfNF758xdr_7wd35wjJMPQmMyl7D5Qc3TJgWENrg1dbFe9yTQ6pfQUzgMmOMJSozaLD4M2_XqsiPQACnFEZggcPlu6pEBtCqrECiq-DODvtdJ-TguaDKOYmhgkxoigx_crAA_8Jd4Lw-xdIjFDAdRriP49l4Je92tQhslicIO0PFME36Od73UExT-ezrGwRNnh1vNT-Po4e575pOF8MkS57ddpj1QD5Mq_2bKfpwdg8XHqVQk7u3AXzT_o81rLRIKaGiQG5Zc8g0HhNp7QpekN-Pqwt4lvlEU2-fmwfrVAjaoqX6vBGNH09Z2iUcru2WSY79WpRp2gw6oVwEEaepHILG_1EWhGX6QDTSSq2F4ZovrHnZ7giSzNNgfporq4QyfqfsblAvvtXmtURlk0gacQ2I3t2ihZ3kXluXCVueF%26sai%3DAMfl-YRsNIz00b83sa0p8d7y3J5i43YSTzkwOydbLPxt_jUZDMJUPfMosoTNwNqICVwX9GtlHlcoQAdItSGjfokjOejjogt8C6LVMKtHochag5q_NqTKs_t67irLgegWGcpAQlkw2BIqiuL6iOi7y_uxDhPyfuKbSV_kz3x4ps1jWMLC5P2O_w%26sig%3DCg0ArKJSzAc9oPKMTYSKEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&ct=DE&st=&city=6271&dma=0&zp=21029&bw=1&adId=515023622&advId=4768038&campId=26257572&crId=162885806&cb=1898993650&exitPrefix=exit-&3p=1&width=300&height=250&env=dcm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:44 GMT
content-encoding: gzip
last-modified: Mon, 06 Dec 2021 12:39:04 GMT
server: nginx
etag: "61ae0468-94fc"
x-hw: 1639679204.cds147.fr8.hn,1639679204.cds125.fr8.c
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 26273

GET
DATA 200
OK truncated
/ Frame A162 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 BG_300x250.png
s.d3sv.net/ops/consors_bank/dyn_text_flight4/V1/wettbewerber/300x250/ Frame A162 25 KB
25 KB 13ms
12ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.d3sv.net/ops/consors_bank/dyn_text_flight4/V1/wettbewerber/300x250/BG_300x250.png
Requested by: Host: s.d3sv.net
URL: https://s.d3sv.net/ops/consors_bank/dyn_text_flight4/V1/wettbewerber/300x250/index.html?motive=einsteiger10&clickTag=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsvlWDQ74VjJzBY3nPnq1iK-p7KIwMvnhe7bVKy18k5dPeOyQe5e3GNNMWy7V23YmVCg2mWEfYwf6FsBVTPoQFDg8imGGM_saqOONx1ys-kUetVYkuAnfFjcsq_Wtthczp1qvpEoIuZSmlHWKZsK50HlUKO1hRPRSnTF0M3RSvhGBH7RGUskgB_0A6ezdRb6Eli9PUYV6sdQMD3Fxri1kRVjNZrz0Ui-KOHVb18H_oKZ0tFwFY0-jJePSNaRnrAIgN149COIboFhDsfOM9av-C2p-7lgO-qOHFF4rYix-dkwHCyRdUmBjgvqioRK78n4FaOtc1e23_Un756Q147k6N2rUDSGBwEpS4zLAGARMsS_S6lgKzxFmmz_6TSKrA7E4ftEc9mv3AxT02sWiLJbDAz3cFRSP-zCzA6RdV9oJ_xIuIffMe2MU6-ODQp_n11cQQvNZg2ynGyL3bFy0kHunvqmEwcby_Zqic_KWYJ-YPYaNxvQCd4HLAzzHcbFhBXFaYiIIDoWXehl4AjvdngBZivEJEA98fLeHQgIE2o7I847rpuYTC1fK9QiYc5kj-NWRkAp_SR7rzT5LHBuvsH3d2FcZKrSZLUtxdzIKg51jofdlhYxK2RyFuDfLC4KGBEy9-7F3TMljqSTyVlfPeJAsJWIDjF37tGwhpJN5Ysecu7lOCHQwL1i_4wnz8u9x4G-mu8XzseFfNF758xdr_7wd35wjJMPQmMyl7D5Qc3TJgWENrg1dbFe9yTQ6pfQUzgMmOMJSozaLD4M2_XqsiPQACnFEZggcPlu6pEBtCqrECiq-DODvtdJ-TguaDKOYmhgkxoigx_crAA_8Jd4Lw-xdIjFDAdRriP49l4Je92tQhslicIO0PFME36Od73UExT-ezrGwRNnh1vNT-Po4e575pOF8MkS57ddpj1QD5Mq_2bKfpwdg8XHqVQk7u3AXzT_o81rLRIKaGiQG5Zc8g0HhNp7QpekN-Pqwt4lvlEU2-fmwfrVAjaoqX6vBGNH09Z2iUcru2WSY79WpRp2gw6oVwEEaepHILG_1EWhGX6QDTSSq2F4ZovrHnZ7giSzNNgfporq4QyfqfsblAvvtXmtURlk0gacQ2I3t2ihZ3kXluXCVueF%26sai%3DAMfl-YRsNIz00b83sa0p8d7y3J5i43YSTzkwOydbLPxt_jUZDMJUPfMosoTNwNqICVwX9GtlHlcoQAdItSGjfokjOejjogt8C6LVMKtHochag5q_NqTKs_t67irLgegWGcpAQlkw2BIqiuL6iOi7y_uxDhPyfuKbSV_kz3x4ps1jWMLC5P2O_w%26sig%3DCg0ArKJSzAc9oPKMTYSKEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&ct=DE&st=&city=6271&dma=0&zp=21029&bw=1&adId=515023622&advId=4768038&campId=26257572&crId=162885806&cb=1898993650&exitPrefix=exit-&3p=1&width=300&height=250&env=dcm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: e39f04c0c38a5d1a12dc6e3696cb9747c77d2bf3b5406c4d85a57ff8ab5d08df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.d3sv.net/ops/consors_bank/dyn_text_flight4/V1/wettbewerber/300x250/index.html?motive=einsteiger10&clickTag=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsvlWDQ74VjJzBY3nPnq1iK-p7KIwMvnhe7bVKy18k5dPeOyQe5e3GNNMWy7V23YmVCg2mWEfYwf6FsBVTPoQFDg8imGGM_saqOONx1ys-kUetVYkuAnfFjcsq_Wtthczp1qvpEoIuZSmlHWKZsK50HlUKO1hRPRSnTF0M3RSvhGBH7RGUskgB_0A6ezdRb6Eli9PUYV6sdQMD3Fxri1kRVjNZrz0Ui-KOHVb18H_oKZ0tFwFY0-jJePSNaRnrAIgN149COIboFhDsfOM9av-C2p-7lgO-qOHFF4rYix-dkwHCyRdUmBjgvqioRK78n4FaOtc1e23_Un756Q147k6N2rUDSGBwEpS4zLAGARMsS_S6lgKzxFmmz_6TSKrA7E4ftEc9mv3AxT02sWiLJbDAz3cFRSP-zCzA6RdV9oJ_xIuIffMe2MU6-ODQp_n11cQQvNZg2ynGyL3bFy0kHunvqmEwcby_Zqic_KWYJ-YPYaNxvQCd4HLAzzHcbFhBXFaYiIIDoWXehl4AjvdngBZivEJEA98fLeHQgIE2o7I847rpuYTC1fK9QiYc5kj-NWRkAp_SR7rzT5LHBuvsH3d2FcZKrSZLUtxdzIKg51jofdlhYxK2RyFuDfLC4KGBEy9-7F3TMljqSTyVlfPeJAsJWIDjF37tGwhpJN5Ysecu7lOCHQwL1i_4wnz8u9x4G-mu8XzseFfNF758xdr_7wd35wjJMPQmMyl7D5Qc3TJgWENrg1dbFe9yTQ6pfQUzgMmOMJSozaLD4M2_XqsiPQACnFEZggcPlu6pEBtCqrECiq-DODvtdJ-TguaDKOYmhgkxoigx_crAA_8Jd4Lw-xdIjFDAdRriP49l4Je92tQhslicIO0PFME36Od73UExT-ezrGwRNnh1vNT-Po4e575pOF8MkS57ddpj1QD5Mq_2bKfpwdg8XHqVQk7u3AXzT_o81rLRIKaGiQG5Zc8g0HhNp7QpekN-Pqwt4lvlEU2-fmwfrVAjaoqX6vBGNH09Z2iUcru2WSY79WpRp2gw6oVwEEaepHILG_1EWhGX6QDTSSq2F4ZovrHnZ7giSzNNgfporq4QyfqfsblAvvtXmtURlk0gacQ2I3t2ihZ3kXluXCVueF%26sai%3DAMfl-YRsNIz00b83sa0p8d7y3J5i43YSTzkwOydbLPxt_jUZDMJUPfMosoTNwNqICVwX9GtlHlcoQAdItSGjfokjOejjogt8C6LVMKtHochag5q_NqTKs_t67irLgegWGcpAQlkw2BIqiuL6iOi7y_uxDhPyfuKbSV_kz3x4ps1jWMLC5P2O_w%26sig%3DCg0ArKJSzAc9oPKMTYSKEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&ct=DE&st=&city=6271&dma=0&zp=21029&bw=1&adId=515023622&advId=4768038&campId=26257572&crId=162885806&cb=1898993650&exitPrefix=exit-&3p=1&width=300&height=250&env=dcm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:44 GMT
last-modified: Mon, 06 Dec 2021 12:39:03 GMT
server: nginx
etag: "61ae0467-6301"
x-hw: 1639679204.cds147.fr8.hn,1639679204.cds237.fr8.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 25345

GET
H/1.1 200
OK r Show response
p.d3sv.net/1045834414/v2/ Frame A162 229 B
603 B 32ms
7ms Script
text/javascript 159.69.43.71
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://p.d3sv.net/1045834414/v2/r?callback=processRecos&k=einsteiger10
Requested by: Host: s.d3sv.net
URL: https://s.d3sv.net/ops/consors_bank/dyn_text_flight4/V1/wettbewerber/300x250/index.html?motive=einsteiger10&clickTag=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsvlWDQ74VjJzBY3nPnq1iK-p7KIwMvnhe7bVKy18k5dPeOyQe5e3GNNMWy7V23YmVCg2mWEfYwf6FsBVTPoQFDg8imGGM_saqOONx1ys-kUetVYkuAnfFjcsq_Wtthczp1qvpEoIuZSmlHWKZsK50HlUKO1hRPRSnTF0M3RSvhGBH7RGUskgB_0A6ezdRb6Eli9PUYV6sdQMD3Fxri1kRVjNZrz0Ui-KOHVb18H_oKZ0tFwFY0-jJePSNaRnrAIgN149COIboFhDsfOM9av-C2p-7lgO-qOHFF4rYix-dkwHCyRdUmBjgvqioRK78n4FaOtc1e23_Un756Q147k6N2rUDSGBwEpS4zLAGARMsS_S6lgKzxFmmz_6TSKrA7E4ftEc9mv3AxT02sWiLJbDAz3cFRSP-zCzA6RdV9oJ_xIuIffMe2MU6-ODQp_n11cQQvNZg2ynGyL3bFy0kHunvqmEwcby_Zqic_KWYJ-YPYaNxvQCd4HLAzzHcbFhBXFaYiIIDoWXehl4AjvdngBZivEJEA98fLeHQgIE2o7I847rpuYTC1fK9QiYc5kj-NWRkAp_SR7rzT5LHBuvsH3d2FcZKrSZLUtxdzIKg51jofdlhYxK2RyFuDfLC4KGBEy9-7F3TMljqSTyVlfPeJAsJWIDjF37tGwhpJN5Ysecu7lOCHQwL1i_4wnz8u9x4G-mu8XzseFfNF758xdr_7wd35wjJMPQmMyl7D5Qc3TJgWENrg1dbFe9yTQ6pfQUzgMmOMJSozaLD4M2_XqsiPQACnFEZggcPlu6pEBtCqrECiq-DODvtdJ-TguaDKOYmhgkxoigx_crAA_8Jd4Lw-xdIjFDAdRriP49l4Je92tQhslicIO0PFME36Od73UExT-ezrGwRNnh1vNT-Po4e575pOF8MkS57ddpj1QD5Mq_2bKfpwdg8XHqVQk7u3AXzT_o81rLRIKaGiQG5Zc8g0HhNp7QpekN-Pqwt4lvlEU2-fmwfrVAjaoqX6vBGNH09Z2iUcru2WSY79WpRp2gw6oVwEEaepHILG_1EWhGX6QDTSSq2F4ZovrHnZ7giSzNNgfporq4QyfqfsblAvvtXmtURlk0gacQ2I3t2ihZ3kXluXCVueF%26sai%3DAMfl-YRsNIz00b83sa0p8d7y3J5i43YSTzkwOydbLPxt_jUZDMJUPfMosoTNwNqICVwX9GtlHlcoQAdItSGjfokjOejjogt8C6LVMKtHochag5q_NqTKs_t67irLgegWGcpAQlkw2BIqiuL6iOi7y_uxDhPyfuKbSV_kz3x4ps1jWMLC5P2O_w%26sig%3DCg0ArKJSzAc9oPKMTYSKEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&ct=DE&st=&city=6271&dma=0&zp=21029&bw=1&adId=515023622&advId=4768038&campId=26257572&crId=162885806&cb=1898993650&exitPrefix=exit-&3p=1&width=300&height=250&env=dcm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.69.43.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.71.43.69.159.clients.your-server.de
Software: nginx /
Resource Hash: d82bffed6b2bb321a98dbf0c4128f57653ed567cfccbdd8f19373d9666bb3c63

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.d3sv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 18:26:44 GMT
Server: nginx
Connection: keep-alive
Content-Length: 229
Content-Type: text/javascript; charset=utf-8

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 7306 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Thu, 16 Dec 2021 15:05:28 GMT
expires: Fri, 16 Dec 2022 15:05:28 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 12076
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ZahrahforDouglas-Semibold.woff
s0.2mdn.net/sadbundle/3797721627517517824/ Frame 4F9F 31 KB
31 KB 19ms
19ms Font
font/woff 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3797721627517517824/ZahrahforDouglas-Semibold.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3797721627517517824/index.html?e=69&leftOffset=0&topOffset=0&c=pFZqVOsueb&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

648f3f39eaa215f2e09c9d1848e6471cc08f4b77640f84b03a11a61d023e30bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/3797721627517517824/index.html?e=69&leftOffset=0&topOffset=0&c=pFZqVOsueb&t=1&renderingType=2
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 04:12:20 GMT
x-content-type-options: nosniff
age: 396864
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31908
x-xss-protection: 0
last-modified: Wed, 29 Sep 2021 14:27:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 12 Dec 2022 04:12:20 GMT

GET
H3 200 AvenirNext-UltraLight.woff
s0.2mdn.net/sadbundle/3797721627517517824/ Frame 4F9F 87 KB
87 KB 16ms
15ms Font
font/woff 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3797721627517517824/AvenirNext-UltraLight.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3797721627517517824/index.html?e=69&leftOffset=0&topOffset=0&c=pFZqVOsueb&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bdb826c4e316b6163d721b44fbbb57c54f78aa7410635ecf3570c8343ea2797

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/3797721627517517824/index.html?e=69&leftOffset=0&topOffset=0&c=pFZqVOsueb&t=1&renderingType=2
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 19:43:08 GMT
x-content-type-options: nosniff
age: 81816
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89200
x-xss-protection: 0
last-modified: Wed, 29 Sep 2021 14:27:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 15 Dec 2022 19:43:08 GMT

GET
H3 200 AvenirNext-Regular.woff
s0.2mdn.net/sadbundle/3797721627517517824/ Frame 4F9F 89 KB
89 KB 14ms
14ms Font
font/woff 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3797721627517517824/AvenirNext-Regular.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3797721627517517824/index.html?e=69&leftOffset=0&topOffset=0&c=pFZqVOsueb&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3cc31408a4ae1a01aec918145264e054e726594223db0b4e0446e5205e6d7b61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/3797721627517517824/index.html?e=69&leftOffset=0&topOffset=0&c=pFZqVOsueb&t=1&renderingType=2
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 12:19:11 GMT
x-content-type-options: nosniff
age: 22053
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90916
x-xss-protection: 0
last-modified: Wed, 29 Sep 2021 14:27:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Dec 2022 12:19:11 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 81C2 22 KB
8 KB 9ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Thu, 16 Dec 2021 15:05:28 GMT
expires: Fri, 16 Dec 2022 15:05:28 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 12076
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CF55
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

67ms
67ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com
URL: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 16 Dec 2021 18:26:44 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 16 Dec 2021 18:26:44 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 16 Dec 2021 18:26:44 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H/1.1 200
OK abt Show response
capi.connatix.com/tr/ Frame 5BA8 0
315 B 113ms
113ms XHR
application/x-protobuf 18.224.222.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/abt?v=142882
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.224.222.89 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-224-222-89.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Thu, 16 Dec 2021 18:26:44 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://threatpost.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

GET
H3 200 ZahrahforDouglas-Semibold.woff
s0.2mdn.net/sadbundle/26872614139985920/ Frame CA29 31 KB
31 KB 8ms
7ms Font
application/octet-stream 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/26872614139985920/ZahrahforDouglas-Semibold.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/26872614139985920/index.html?e=69&leftOffset=0&topOffset=0&c=fZGp3Twssz&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

648f3f39eaa215f2e09c9d1848e6471cc08f4b77640f84b03a11a61d023e30bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/26872614139985920/index.html?e=69&leftOffset=0&topOffset=0&c=fZGp3Twssz&t=1&renderingType=2
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 12:17:14 GMT
x-content-type-options: nosniff
age: 22170
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31908
x-xss-protection: 0
last-modified: Wed, 08 Sep 2021 14:57:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Dec 2022 12:17:14 GMT

GET
H3 200 AvenirNext-UltraLight.woff
s0.2mdn.net/sadbundle/26872614139985920/ Frame CA29 87 KB
87 KB 9ms
8ms Font
application/octet-stream 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/26872614139985920/AvenirNext-UltraLight.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/26872614139985920/index.html?e=69&leftOffset=0&topOffset=0&c=fZGp3Twssz&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bdb826c4e316b6163d721b44fbbb57c54f78aa7410635ecf3570c8343ea2797

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/26872614139985920/index.html?e=69&leftOffset=0&topOffset=0&c=fZGp3Twssz&t=1&renderingType=2
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 12:17:14 GMT
x-content-type-options: nosniff
age: 22170
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89200
x-xss-protection: 0
last-modified: Wed, 08 Sep 2021 14:57:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Dec 2022 12:17:14 GMT

GET
H3 200 AvenirNext-Regular.woff
s0.2mdn.net/sadbundle/26872614139985920/ Frame CA29 89 KB
89 KB 11ms
10ms Font
application/octet-stream 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/26872614139985920/AvenirNext-Regular.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/26872614139985920/index.html?e=69&leftOffset=0&topOffset=0&c=fZGp3Twssz&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3cc31408a4ae1a01aec918145264e054e726594223db0b4e0446e5205e6d7b61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/26872614139985920/index.html?e=69&leftOffset=0&topOffset=0&c=fZGp3Twssz&t=1&renderingType=2
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 12:17:14 GMT
x-content-type-options: nosniff
age: 22170
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90916
x-xss-protection: 0
last-modified: Wed, 08 Sep 2021 14:57:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Dec 2022 12:17:14 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3807 0
23 B 51ms
50ms Ping
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssNCnA7jdFRNcxkBgctbVz5p0oVovWLaAg0BRv7vcCPzQebdMuEj3kDgQ3xMvt9644z66BPULoHg-0tJ2i0kLosvsSMaP_xiw_dCFDQ-s1vul4qyhyFnywx8fzu0ZcIgSU53YM9ReDD66aHYFBT_52ozqPqyBaM8k8xe2mcKo0-MQL0k3l7RLfRz-NfPUPiD9qm9eiXmIaX0HOewDmpO5SVD2_5ChIYlkaBDocolxlU6RUs8VWbttp5bGw6SFAkjyh8MD09rPAmaAu7DKmxrQ5C4T-tuGRU6cyAFlHMQHj_-47IjiSA2jxxa4aiMwzAji-ZdMVvp3HDZ7YZuvjfiWf6ba5a0I-7D9GzN6j1jE37yTSk0Ni9U4FvTKz0Mh01GV8izqd8PWLLgWvHUMvy4MPVAEKKyUrjE-gMlhrml3krtA1-Af5M08bY9FNX3W71__sbQ9akxO-wb_FWzMigzQ3ERVnw_mNnIxLTujjSlJJCzpEgkE51DO3DVgj_uFYaMTOHCoZtxbLlR7NyG-nqZVzFgWFVPlcwpHpwtfETTEs_gLlYptbmOVQYoWd17Q_xYGBjw4-iAsb8tpQ2AE0kbQFdhaVZj8VnFZM8T04tH_dUq39XvnunILHGSZ2zYKLQ0OtmH7S2gXaH64gcrueO8x1OKUEF68c9q1cB4lGIHxhhQAdbdCL2WkNcB3ygaEvVu4oqCQHhlA966_q9nxiEw_rVBPsqgjG-yWKjtyGdeYKZ3_dVfZEqEjNhlq3WcXNST7hhyJgZzQd4iUTyI4p4AOEuszt1nDeUsTgsedgCrru0IFHbiq9GqTSwYyzyVHFZSOjH-Hy18P0bXEld-VoRqbS3Ad4W_5emBuZfOIxZF4WmoFY2rWFrToazMeYTnWBhdyUhb6cZfXJOawejFbHXnNkldb_Lv-CqM07WeeLYTrqoaRLRwzEtsjhXf7ORmtT-gZn_qrh2XQcqeULETPSDXVtd7wGipFbEn5DKl0pjWB8ANoxpHIb4z1ZLUkfT_sUMB-soBVcWcg0dxDNDVq8mE8hog_OmVdLfdlXY-O82frax5zhwUqOWk4VmBzE-VX7_jM9RLL1-P9o5qL3N7ATGlkGF7IFHUhGLikeGqisYmssqTDDoqwhriaEBfp9mFS_YSjzsa2-45ZscgLckvMTBXESqpjqOrwsukAA8sQ&sai=AMfl-YS5fOn7FEJDFceZdLdR6ca5zjTdPMlrG9YvEEjRTN-ZB2yJk3scijvyLDcRrZtWHJl5c8G9XR8VLn_h0d-B5EAc-UXZuRR0wWCpFaSIJmogRXH4DkwQw4HQG6cMx0eYuQhvd2g-6FwBZAD5QhRG971VJbscv1yfXPKzHm4&sig=Cg0ArKJSzIikSNxMwJoAEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=977&vt=11&dtpt=543&dett=3&cstd=417&cisv=r20211207.16374&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: threatpost.com
URL: https://threatpost.com/category/videos/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Thu, 16 Dec 2021 18:26:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 206 file.mp4
r1---sn-4g5lzne6.c.2mdn.net/videoplayback/id/e51b66ca9c20e70e/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3783579597/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m... 192 KB
0 18ms
8ms Media
video/mp4 2a00:1450:4001:12::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:12::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://threatpost.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range: bytes=131072-

Response headers

date: Thu, 16 Dec 2021 18:26:44 GMT
x-content-type-options: nosniff
last-modified: Fri, 10 Dec 2021 10:19:56 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
Content-Range: bytes 131072-2231274/2231275
client-protocol: quic
cache-control: private, max-age=86400
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2100203
expires: Thu, 16 Dec 2021 18:26:44 GMT

GET
H2 200 einsteiger.jpg
s.d3sv.net/ip/400x/https://s.d3sv.net/ops/consors_bank/dynamic_images/v2/ Frame A162 17 KB
18 KB 11ms
11ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.d3sv.net/ip/400x/https://s.d3sv.net/ops/consors_bank/dynamic_images/v2/einsteiger.jpg?v=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: e507869013d15dfdbcc6cedb081b5cb344405dbd1ad6385c6dcb939ec917cfa2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.d3sv.net/ops/consors_bank/dyn_text_flight4/V1/wettbewerber/300x250/index.html?motive=einsteiger10&clickTag=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsvlWDQ74VjJzBY3nPnq1iK-p7KIwMvnhe7bVKy18k5dPeOyQe5e3GNNMWy7V23YmVCg2mWEfYwf6FsBVTPoQFDg8imGGM_saqOONx1ys-kUetVYkuAnfFjcsq_Wtthczp1qvpEoIuZSmlHWKZsK50HlUKO1hRPRSnTF0M3RSvhGBH7RGUskgB_0A6ezdRb6Eli9PUYV6sdQMD3Fxri1kRVjNZrz0Ui-KOHVb18H_oKZ0tFwFY0-jJePSNaRnrAIgN149COIboFhDsfOM9av-C2p-7lgO-qOHFF4rYix-dkwHCyRdUmBjgvqioRK78n4FaOtc1e23_Un756Q147k6N2rUDSGBwEpS4zLAGARMsS_S6lgKzxFmmz_6TSKrA7E4ftEc9mv3AxT02sWiLJbDAz3cFRSP-zCzA6RdV9oJ_xIuIffMe2MU6-ODQp_n11cQQvNZg2ynGyL3bFy0kHunvqmEwcby_Zqic_KWYJ-YPYaNxvQCd4HLAzzHcbFhBXFaYiIIDoWXehl4AjvdngBZivEJEA98fLeHQgIE2o7I847rpuYTC1fK9QiYc5kj-NWRkAp_SR7rzT5LHBuvsH3d2FcZKrSZLUtxdzIKg51jofdlhYxK2RyFuDfLC4KGBEy9-7F3TMljqSTyVlfPeJAsJWIDjF37tGwhpJN5Ysecu7lOCHQwL1i_4wnz8u9x4G-mu8XzseFfNF758xdr_7wd35wjJMPQmMyl7D5Qc3TJgWENrg1dbFe9yTQ6pfQUzgMmOMJSozaLD4M2_XqsiPQACnFEZggcPlu6pEBtCqrECiq-DODvtdJ-TguaDKOYmhgkxoigx_crAA_8Jd4Lw-xdIjFDAdRriP49l4Je92tQhslicIO0PFME36Od73UExT-ezrGwRNnh1vNT-Po4e575pOF8MkS57ddpj1QD5Mq_2bKfpwdg8XHqVQk7u3AXzT_o81rLRIKaGiQG5Zc8g0HhNp7QpekN-Pqwt4lvlEU2-fmwfrVAjaoqX6vBGNH09Z2iUcru2WSY79WpRp2gw6oVwEEaepHILG_1EWhGX6QDTSSq2F4ZovrHnZ7giSzNNgfporq4QyfqfsblAvvtXmtURlk0gacQ2I3t2ihZ3kXluXCVueF%26sai%3DAMfl-YRsNIz00b83sa0p8d7y3J5i43YSTzkwOydbLPxt_jUZDMJUPfMosoTNwNqICVwX9GtlHlcoQAdItSGjfokjOejjogt8C6LVMKtHochag5q_NqTKs_t67irLgegWGcpAQlkw2BIqiuL6iOi7y_uxDhPyfuKbSV_kz3x4ps1jWMLC5P2O_w%26sig%3DCg0ArKJSzAc9oPKMTYSKEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&ct=DE&st=&city=6271&dma=0&zp=21029&bw=1&adId=515023622&advId=4768038&campId=26257572&crId=162885806&cb=1898993650&exitPrefix=exit-&3p=1&width=300&height=250&env=dcm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:44 GMT
last-modified: Thu, 09 Sep 2021 07:10:35 GMT
server: nginx
etag: "6139b36b-43b21"
x-hw: 1639679204.cds147.fr8.hn,1639679204.cds208.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 17903

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0C47 0
23 B 52ms
51ms Ping
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstmxI6EBt2TPLXqO2SPSAFUMGiFvInwPnBb2QnOXkwZnQnpAsBXH2UR6kMrIZpLJhBOoja4yXd-nkchWQvrM2caH33e3hgM7RTFx8k1Je9VCOR_t2xPwxNto6Xt6ACHVLGr-U1HkMvFAO6SmeqrsLpfHuWP6DyXY_F3ZdusgpApm-ybdmHv8RWWfaxtTOdA-pOKZjeRYE5z6eec8RKmLTLzvCuesMKpKGKu-gAjP_OIUUc2ERv7RcdpKvCQsrUAzpkZNiDDGl80nJ8djGKh8B0yAJnvjn0m07T4zd4gDHWxhu_AN_WgHcFZNojUNtAk3cl97rlYr8y9f2SkY4dCzfFtq7UB7gq3_DyHvcH0cBJre2Sf5ghTP994gF3bplMvPFqkw8nKtRGdoXw8d5dFIfHXi0-jFqPZM5Ha1A1vfTQOms5iKalZoVhhPWpxPe7cSu_TwLS7sJOpsSHrUsglXYN8jeu2XH9HlbU9qG8e0_wrFxa3LBg3pC9sBCHyXjLgCAUqbEO4D1YZc5vLYlDcngeAxfy7UmauWaoLraX-MudNqKi8s2yl06rhtijnUJbY_scFDTDHKU-bRENIeIf1Pv6eztFBXAXalvAM12_qBUlON3mHL_12_AQsftEXvfs3OYeibKM5Q2gZ-iSKXvq3Me6LOcivbgSAZPclAtOUdaPPdM47JrWH07TqU3ENSZ111Hp4jP-pBaw2IV9LbgNbtCyNJ7R0yqWqEmisLGuHo4O5rhxKWhStPQffMTF83wODLTA7a_afzh2SLxf7Y5SxwEHXt8YxG7d4etBxf-BwwmIZRaMzWBaM2at-v-E8KZzXZnEA6nkL1G18WlW1vPXNDkcX9C7Cv203ooF1_coBa1xAUxONGJgINMgNqM3NHdajhIr4LI3Xe-u-xhZm-1FFWB-12HRlbXJoO7ASY2Lp4VPsvpD0tddSiUoEACTH3AUUeDB9aUAkgRJYeT4WX0r8t5oazXIIM4eZmdtqPjQJHrTbpXWMtGx8emy3InZgR-NdotcwCncwwBXH-u7pYZfFEex_479i4FaINYup5OoT_yzJ53kZLir5Fg8PXoS1yUWIa8hyxLzunAN5U36-yWnOSqR01TSBWLSyqHvfZfVJfi_NAspqm1meY_lonPCvd0TLvf-pFPSbzgarMW-xDik8RYKQtd3FqyeqbXla_rDRvS8&sai=AMfl-YTqypkgTYQaIJNu75Zum5DqEf0VnJMh4a_8qnogWhZl_Avy9Vb-CUmYWsOSRKq8RYxdfQHz6YmolOtjUZZcQLy8MybRwboH6VA4EkwCG_PobDT-xbWlQrTo9tw0NP7lvYcr-W6bg5f7KC8X5qG4dK-Wwou2u-J7zo_RxMQ&sig=Cg0ArKJSzDoocc-yKv7yEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=753&vt=11&dtpt=425&dett=3&cstd=309&cisv=r20211207.98815&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: threatpost.com
URL: https://threatpost.com/category/videos/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Thu, 16 Dec 2021 18:26:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4F9F 6 KB
4 KB 23ms
23ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_246&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c705be2f9505e19cfd1a3b65f93612b661f625a1ecd7dfdb5681b1e3243eb9ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Dec 2021 18:26:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4441
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame CA29 6 KB
4 KB 23ms
22ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_246&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

755a01eec8795b0a1da225a9ff7d1b1abc5f384c888a3200021b9fe982f879e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Dec 2021 18:26:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4426
x-xss-protection: 0

GET
H3 200 b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 7306 35 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fff2bb01836a52004ece484b97797926280251ccaed72db384f16a7644d4764

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:07:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 94783
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13622
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 Dec 2022 16:07:01 GMT

GET
H2 200 316619153 Show response
cia.dqnacloud.com/request/douglas/prospecting/ Frame 4F9F 8 KB
8 KB 90ms
22ms Fetch
application/json 35.204.201.221
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://cia.dqnacloud.com/request/douglas/prospecting/316619153

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3797721627517517824/index.html?e=69&leftOffset=0&topOffset=0&c=pFZqVOsueb&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.204.201.221 Groningen, Netherlands, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),

Reverse DNS

221.201.204.35.bc.googleusercontent.com

Software

Resource Hash

dbc9316e92a0d59ae84e0e4b37c3c111a30a34267760b3461ac8181fdbec5487

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 16 Dec 2021 18:26:44 GMT
content-length: 7876
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/json

GET
H3 200 b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 81C2 35 KB
13 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fff2bb01836a52004ece484b97797926280251ccaed72db384f16a7644d4764

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:07:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 94783
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13622
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 Dec 2022 16:07:01 GMT

GET
H2 200 316823371 Show response
cia.dqnacloud.com/request/douglas/prospecting/ Frame CA29 7 KB
7 KB 95ms
35ms Fetch
application/json 35.204.201.221
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://cia.dqnacloud.com/request/douglas/prospecting/316823371

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/26872614139985920/index.html?e=69&leftOffset=0&topOffset=0&c=fZGp3Twssz&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.204.201.221 Groningen, Netherlands, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),

Reverse DNS

221.201.204.35.bc.googleusercontent.com

Software

Resource Hash

2e050a8250fb76c88e703f8c92fba610628ecdcd7a8588a0c498822621b16a1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 16 Dec 2021 18:26:44 GMT
content-length: 7237
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/json

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 4F9F 17 KB
6 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Thu, 16 Dec 2021 18:26:44 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 528B 42 B
64 B 23ms
20ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame CA29 17 KB
6 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Thu, 16 Dec 2021 18:26:44 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 528B 41 KB
15 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.493.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:45:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 528049
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 10 Dec 2022 15:45:55 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 528B 0
20 B 40ms
39ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 528B 0
24 B 60ms
59ms Image
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvQq6ZBFUtAE7Gh4ROm74mBeqlDSNQoFAJyem-qWYrTHWn5Rl3ZGB_3x7CHKYhsiZD7TdwkpeZGllvgrryAP7zAeOYyM4VW54aBIx8ti0njT5mYciMycsLhzSv7Q6D_bwAVb_XaoWbJwrFYPROCYcJgfQ6DQqJJeDRrm5F2jsD12jYyKMOHhlFx3_HJLRtrmZ_AerdBe6Lo_fSAV6QC5_DCFhy8bf940KPc4wSVoZCZDG1cZjcrtK_ksydLXT8nhceNNXn7keqdhVO_E6Ti-LpdtA2KuFQn1m0_n7UGVO87UwZ8wM93V4c1zfzB-gn5b-Rf73UD5BScr6aHNqsu_fqXrHNTBHIOPtF_jvkzOXmtFIMtkJtSUiptkSCnKHW2R7g7iiv5lzJveXFD3WQsZBzxoaUG-S6zAyoEihjho4cxzDn93HpjdZCTXJ5cFJFrbzNHu-NLK0KYNUgadlks9XDWg9iyW719nLqKGWUgj0Ax6BqY_XrWyvvBBjQBDtTpgotUTTtwYOza-ddAVUd7fBOORlQB5tNKKtzkn2L9GKOoa-oNC2ZAAL2a3rcTAfBCGWOsoP3dYAl2vWY_MwQjryvSEiO5hxIGnaKDxPweXjqPb0OKW3qot0y_N1FK3dsvHXfcb9k8ww2IDE3Mgm4BNoQOoALTtL0C0AjEbai-0X2w0O2ooW03Hk32TY-fL-vQHNgZtspDXd1kV6ANUqPrhuIhe-6QXQA2CuosaeYTyEFmCJUnswNOPN2BcjVzm03KpuYaPfPwgSL2Sr6XWuofedcfbmdwvas5T2Y8KCGydjH2EbKF_Az7NSdqzLwmzRnQuhYcPISKaSbZTlodi8dUOR8cYgYbK_dVdhOhmcdJGf9S6-6deEebh364MxniTv8-qzhQ4CmPojxNQebkjyGBNFbcTV_DCY7KeG_LIxl8YLElVkidxhMYMPzK-SDbhW6E1icfZR_SdHMSbFPpr5idnB1k1YlrCTgEBf3Xa3qZlYu7uZnRgsZlWs8vDPBM9bl-E70XDCRzbkG81MsfCvkCC_fzHqgOObd78eCDHb2Q3Kl-hdKII8AdzojxSwZ_FRNo1kPMoi8YHoQZ2tvaMXnttwGcEsQ4mPf2DeZ2Z524hSdjbob61LsQB39Gk8eYFzaF16L40NNpfC65TL9W4kbUsxZnbsDYwrSECNNB1gFMFwnGq2wd6xA-Oo0Y9jx9gi3uX3_k&sai=AMfl-YSNLD1pzxBFYma68guQETop6SOK1NHP7FgdelupdKEwvD1RV3nnZEkz-Y2uW8MzBsf3A5QWCZoQWV1iJIT_W7A-7P7crqBoDZHEjZIWl0KMVPKPq6JxCX3UoIiUYJXtHdlfYV3VV2KSbWkoBfD3AyFgmDpUXw&sig=Cg0ArKJSzGPXYTc_D90vEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&fbs_aeid=[gw_fbsaeid]&urlfix=1&sdkv=h.3.493.0&adurl=

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Thu, 16 Dec 2021 18:26:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 pixel
googleads.g.doubleclick.net/xbbe/ Frame 528B 0
0 23ms
20ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIPAyQIQyNnWhQMY8p-uvQEgATAB&v=APEucNUDLRtKiNvg1-hpX7cRrOQUOn1W_fEEDLATbbeRW3tby-L-3uhW6t3wyZK_5UV6qGmt_FwnUPS7Xi3XNtLlTV15u5eeZg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 528B 42 B
64 B 29ms
21ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C7CIz4YS7YePWE_KirAS1kIbIBbOp1thmyOi2oPYOh7a-z4gKEAEg0pbmOGCVgoCAwAegAdXQ8aMoyAEFqQK5_um4XgOzPqgDAcgDE5gEAKoE9wFP0NmHkdOdCZT7B7UUDA_KrjQwzcxA7NpdbI8E9dmyoL1H1VRTvFg1OSwfkSNSe7pH4mxLHEewKDPhmb1RMsXErJ3wo0d3VUByHaLSR5WRd2ZCWYuGBA470ErQuyObWM4_inWO0khJZJTQ9lgd49Sn3NVTzz-JJrPfpx2fGbpFKlLd3DGf3kFxfzUmtD_5nYmFyd7aZkeDBLKg-quJkuUZZA9FyvAD-J4CJMWbSGB602rQzM3x7pgw3EhmH-kX8RL06a_DfdNfR2Jy1g7MNAK4qdSZI4sijt7QTCBXi8q7TQL1hwdo_UPmarVPd3hAXFlMp_OpHDclwATrnOXn-QPgBAOQBgGgBk6AB9WIwoMDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi0xMzU2NjMyODYyMzU0NDg2gAoDmAsByAsBgAwBsBPPtbENyBOfveneA9ATANgTCogUAtgUAdAVAfgWAYAXAQ&sigh=laONXBQL-Cw&label=vast_creativeview&ad_mt=0&acvw=sv%3D914%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D974,1199,1199,1599%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D1600,2580%26scs%3D1600,1200%26bs%3D1600,1200%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D-1%26is%3D275%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D3229%26femvt%3D0%26emc%3D6%26emuc%3D0%26emb%3D6,0,0,0,0%26avms%3Dexc%26qi%3D927453117%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D4954%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.04%26t%3D1639679203063&sdkv=h.3.493.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1Njc4ODQ1NTIyODlAiAQKcQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MTU1ODk2MjgyCTE2MzAzMTE1NkDaAlI2CM8HEA8lAABwQSgBOgsxNjMwMzExNTYtMUIER0RDTUi9CVAAWhB4NlJRLTJNMFVsRGNHZV9qGAE.

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_oe=ChMI8YiBg_no9AIVxRLTCh3JRQOWEAAYACD00N5NOhoIyNnWhQMQ65zl5_kDGJ-96d4DIMjotqD2DkITCKPL3IL56PQCFXIRiwodNYgBWQ;dc_rmcid=CAASEuRo8txmebOZirl_2w6KIT1u6g;eps=CIDhgBAQARgd;met=1;acvw=sv%3D914%26cb%3D...
ade.googlesyndication.com/ddm/activity/ Frame 528B 42 B
63 B 58ms
49ms Image
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI8YiBg_no9AIVxRLTCh3JRQOWEAAYACD00N5NOhoIyNnWhQMQ65zl5_kDGJ-96d4DIMjotqD2DkITCKPL3IL56PQCFXIRiwodNYgBWQ;dc_rmcid=CAASEuRo8txmebOZirl_2w6KIT1u6g;eps=CIDhgBAQARgd;met=1;acvw=sv%3D914%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D974,1199,1199,1599%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D1600,2580%26scs%3D1600,1200%26bs%3D1600,1200%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D3229%26femvt%3D0%26emc%3D6%26emuc%3D0%26emb%3D6,0,0,0,0%26avms%3Dexc%26qi%3D927453117%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D4956%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.04%26t%3D1639679203063;ecn1=1;etm1=0;eid1=200101;

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 528B 42 B
64 B 57ms
48ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssn4-jdBA8engWUgs5jqg0uP1BRfFglwQIGdhIN6ibd6qqqMwPjl0gdhvXop9Ha0ZmyuoL2JSVqDGUE0d3CwQOKI_NQLvCw_0ofsKrPOuTXeQ9etCLZSg&sai=AMfl-YS2jzymtWncvkD2wXFpMHoq2YdjCXz9W3sgWFp3LS3-n73mRhSTpiFSzvAmLLhKCj81WzlTeZAuFmf9wHVruwuH2-jkdcONHbI18MtAS8hdSE0URswfItL7hrOm&sig=Cg0ArKJSzHpdeARd3JgcEAE&cid=CAASEuRo8txmebOZirl_2w6KIT1u6g&id=lidarv&acvw=sv%3D914%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D974,1199,1199,1599%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D1600,2580%26scs%3D1600,1200%26bs%3D1600,1200%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D3229%26femvt%3D0%26emc%3D6%26emuc%3D0%26emb%3D6,0,0,0,0%26avms%3Dexc%26qi%3D927453117%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D4956%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.04%26t%3D1639679203063&avm=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI8YiBg_no9AIVxRLTCh3JRQOWEAAYACD00N5NOhoIyNnWhQMQ65zl5_kDGJ-96d4DIMjotqD2DkITCKPL3IL56PQCFXIRiwodNYgBWQ;dc_rmcid=CAASEuRo8txmebOZirl_2w6KIT1u6g;eps=CIDhgBAQARgd;met=1;acvw=sv%3D914%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D974,1199,1199,1599%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D1600,2580%26scs%3D1600,1200%26bs%3D1600,1200%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D3229%26femvt%3D0%26emc%3D6%26emuc%3D0%26emb%3D6,0,0,0,0%26avms%3Dexc%26qi%3D927453117%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D4958%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.04%26t%3D1639679203063;dc_rfl=1,https%253A%252F%252Fthreatpost.com%252Fcategory%252Fvideos%252F%240;ecn1=1;etm1=0;eid1=11;

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 528B 42 B
64 B 27ms
18ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C7CIz4YS7YePWE_KirAS1kIbIBbOp1thmyOi2oPYOh7a-z4gKEAEg0pbmOGCVgoCAwAegAdXQ8aMoyAEFqQK5_um4XgOzPqgDAcgDE5gEAKoE9wFP0NmHkdOdCZT7B7UUDA_KrjQwzcxA7NpdbI8E9dmyoL1H1VRTvFg1OSwfkSNSe7pH4mxLHEewKDPhmb1RMsXErJ3wo0d3VUByHaLSR5WRd2ZCWYuGBA470ErQuyObWM4_inWO0khJZJTQ9lgd49Sn3NVTzz-JJrPfpx2fGbpFKlLd3DGf3kFxfzUmtD_5nYmFyd7aZkeDBLKg-quJkuUZZA9FyvAD-J4CJMWbSGB602rQzM3x7pgw3EhmH-kX8RL06a_DfdNfR2Jy1g7MNAK4qdSZI4sijt7QTCBXi8q7TQL1hwdo_UPmarVPd3hAXFlMp_OpHDclwATrnOXn-QPgBAOQBgGgBk6AB9WIwoMDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi0xMzU2NjMyODYyMzU0NDg2gAoDmAsByAsBgAwBsBPPtbENyBOfveneA9ATANgTCogUAtgUAdAVAfgWAYAXAQ&sigh=laONXBQL-Cw&label=part2viewed&ad_mt=0&acvw=sv%3D914%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D974,1199,1199,1599%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D1600,2580%26scs%3D1600,1200%26bs%3D1600,1200%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D3229%26femvt%3D0%26emc%3D6%26emuc%3D0%26emb%3D6,0,0,0,0%26avms%3Dexc%26qi%3D927453117%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D4958%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.04%26t%3D1639679203063&sdkv=h.3.493.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1Njc4ODQ1NTIyODlAiAQKcQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MTU1ODk2MjgyCTE2MzAzMTE1NkDaAlI2CM8HEA8lAABwQSgBOgsxNjMwMzExNTYtMUIER0RDTUi9CVAAWhB4NlJRLTJNMFVsRGNHZV9qGAE.

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI8YiBg_no9AIVxRLTCh3JRQOWEAAYACD00N5NOhoIyNnWhQMQ65zl5_kDGJ-96d4DIMjotqD2DkITCKPL3IL56PQCFXIRiwodNYgBWQ;dc_rmcid=CAASEuRo8txmebOZirl_2w6KIT1u6g;eps=CIDhgBAQARgd;met=1;acvw=sv%3D914%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D974,1199,1199,1599%26tos%3D31,0,0,0,0%26mtos%3D31,31,31,31,31%26amtos%3D0,0,0,0,0%26mcvt%3D31%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D31%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D31%26pst%3D-1%26dur%3D15018%26vmtime%3D-1%26dvs%3D31%26dfvs%3D31%26dvpt%3D31%26is%3D275%26i0%3D275%26ic%3D4096%26cs%3D4370%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D3229%26femvt%3D0%26emc%3D6%26emuc%3D0%26emb%3D6,0,0,0,0%26avms%3Dexc%26qi%3D927453117%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D4963%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,31;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.04%26t%3D1639679203063;ecn1=1;etm1=0;eid1=16;

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 528B 42 B
64 B 26ms
18ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C7CIz4YS7YePWE_KirAS1kIbIBbOp1thmyOi2oPYOh7a-z4gKEAEg0pbmOGCVgoCAwAegAdXQ8aMoyAEFqQK5_um4XgOzPqgDAcgDE5gEAKoE9wFP0NmHkdOdCZT7B7UUDA_KrjQwzcxA7NpdbI8E9dmyoL1H1VRTvFg1OSwfkSNSe7pH4mxLHEewKDPhmb1RMsXErJ3wo0d3VUByHaLSR5WRd2ZCWYuGBA470ErQuyObWM4_inWO0khJZJTQ9lgd49Sn3NVTzz-JJrPfpx2fGbpFKlLd3DGf3kFxfzUmtD_5nYmFyd7aZkeDBLKg-quJkuUZZA9FyvAD-J4CJMWbSGB602rQzM3x7pgw3EhmH-kX8RL06a_DfdNfR2Jy1g7MNAK4qdSZI4sijt7QTCBXi8q7TQL1hwdo_UPmarVPd3hAXFlMp_OpHDclwATrnOXn-QPgBAOQBgGgBk6AB9WIwoMDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi0xMzU2NjMyODYyMzU0NDg2gAoDmAsByAsBgAwBsBPPtbENyBOfveneA9ATANgTCogUAtgUAdAVAfgWAYAXAQ&sigh=laONXBQL-Cw&label=admute&ad_mt=0&acvw=sv%3D914%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D974,1199,1199,1599%26tos%3D31,0,0,0,0%26mtos%3D31,31,31,31,31%26amtos%3D0,0,0,0,0%26mcvt%3D31%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D31%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D31%26pst%3D-1%26dur%3D15018%26vmtime%3D-1%26dvs%3D31%26dfvs%3D31%26dvpt%3D31%26is%3D275%26i0%3D275%26ic%3D4096%26cs%3D4370%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D3229%26femvt%3D0%26emc%3D6%26emuc%3D0%26emb%3D6,0,0,0,0%26avms%3Dexc%26qi%3D927453117%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D4963%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,31&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.04%26t%3D1639679203063&sdkv=h.3.493.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1Njc4ODQ1NTIyODlAiAQKcQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MTU1ODk2MjgyCTE2MzAzMTE1NkDaAlI2CM8HEA8lAABwQSgBOgsxNjMwMzExNTYtMUIER0RDTUi9CVAAWhB4NlJRLTJNMFVsRGNHZV9qGAE.

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK ai Show response
capi.connatix.com/tr/ Frame 5BA8 4 B
319 B 103ms
103ms XHR
application/x-protobuf 18.224.222.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/ai?v=142882
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.224.222.89 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-224-222-89.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: a24717eb0eaff7c9e26429de43ede6e5b69bfe5471323719a563fdab55e556bd

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Thu, 16 Dec 2021 18:26:44 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://threatpost.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 24

GET
H2 200 1_th.jpg
img.connatix.com/60764267-557e-410f-85cb-f102d92ee134/884ac5a1-17c4-4997-a33a-64fa5faad34b/ 2 KB
556 B 8ms
7ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/60764267-557e-410f-85cb-f102d92ee134/884ac5a1-17c4-4997-a33a-64fa5faad34b/1_th.jpg?crop=400:225,smart&width=400&height=225&format=jpeg&quality=60&fit=crop
Requested by: Host: threatpost.com
URL: https://threatpost.com/category/videos/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8578ba646e27432ebb8a0d60a2abe221cf2a160050e56f8f714a6122cf9b93cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:44 GMT
content-encoding: br
age: 109466
etag: "/EpRHL3OXdpA3TFH0daYwDboJcsM0xa5SzuzgB16/YI"
access-control-max-age: 86400
fastly-io-info: ifsz=21905 idim=2560x1440 ifmt=jpeg ofsz=1635 odim=400x225 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 491

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 184ms
184ms Image
image/gif 44.241.140.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=906389&asId=fa0febc7-2b6d-3754-8fa2-618c4f59d0b9&tv=%7Bc:wZa3DQ,pingTime:-10,time:740,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Ni4wLjQ2NjQuOTMgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1639679204401%7C%7C7b7806140020c0a92fddb58a0de5c9d7%7C%7Ca2fdad25d911a8a4b39828759d282361%7C%7C9f58484317327320de38d24256a159de%7C%7Cfac48a620b30a398a34917925c317b98%7C%7Cf347c17c9a9b33be54c78562b59f878c%7C%7Cf26006516a95cbb429488158fc0a4ed9%7C%7C263a2e4e3feeded907450707a4188274%7C%7C1629390669%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.241.140.107 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-241-140-107.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:45 GMT
x-server-name: dt05.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame C72D 35 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fff2bb01836a52004ece484b97797926280251ccaed72db384f16a7644d4764

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:07:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 94784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13622
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 Dec 2022 16:07:01 GMT

GET
H3 200 b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame FE0E 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fff2bb01836a52004ece484b97797926280251ccaed72db384f16a7644d4764

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:07:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 94784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13622
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 Dec 2022 16:07:01 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 38FB 23 KB
9 KB 7ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8727
date: Thu, 16 Dec 2021 04:59:25 GMT
expires: Fri, 16 Dec 2022 04:59:25 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 48440
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 douglas-logo.png_1631105832379_douglas-logo.png
s0.2mdn.net/dynamic/2/10860218/www.setka.am/showcase/Douglas/assets/ Frame 4F9F 2 KB
2 KB 7ms
7ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10860218/www.setka.am/showcase/Douglas/assets/douglas-logo.png_1631105832379_douglas-logo.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b84982d7606f3998699ea227e600f289754487cd8a63c785d3de364cfd327706

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3797721627517517824/index.html?e=69&leftOffset=0&topOffset=0&c=pFZqVOsueb&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 12:17:13 GMT
x-content-type-options: nosniff
age: 22172
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1917
x-xss-protection: 0
last-modified: Wed, 08 Sep 2021 12:57:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 16 Dec 2022 12:17:13 GMT

GET
H3 200 483513237_1635155559.jpg_1635155642761_483513237_1635155559.jpg
s0.2mdn.net/dynamic/2/10860218/douglas.myseamless.io/proview/proviewimg/template/ Frame 4F9F 52 KB
52 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10860218/douglas.myseamless.io/proview/proviewimg/template/483513237_1635155559.jpg_1635155642761_483513237_1635155559.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e2a1b0f2286eb14e2c4389124e09b31e4be4c5d0a29da85cd86f1328fc37b03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3797721627517517824/index.html?e=69&leftOffset=0&topOffset=0&c=pFZqVOsueb&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 12:19:19 GMT
x-content-type-options: nosniff
age: 22046
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53310
x-xss-protection: 0
last-modified: Mon, 25 Oct 2021 09:54:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 16 Dec 2022 12:19:19 GMT

GET
H2 200 U3k0qv440908-0-global.jpg
media.douglas.de/medias/ Frame 4F9F 4 KB
5 KB 447ms
347ms Image
image/webp 2a02:26f0:6c00:2af::2854
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.douglas.de/medias/U3k0qv440908-0-global.jpg?context=bWFzdGVyfGltYWdlc3w2MDg1OXxpbWFnZS9qcGVnfGgxNC9oMTYvMTIwOTU2MDA4ODU3OTAvVTNrMHF2NDQwOTA4XzBfZ2xvYmFsLmpwZ3xmZTMxM2Q1YzAwNzZhZTc4NDdmOGQ4YmUyYTUyYTk2NTQ4MjM2YzZlNjZjYjUxOTNjMmE4ZmNkM2FlYjFjZGYz&imwidth=300
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2af::2854 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 72f03082ab986d4ccfe0f0a86e40cf1b30b4d65499696ebef94ca6443fab08fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:45 GMT
last-modified: Thu, 09 Dec 2021 14:18:16 GMT
server: Akamai Image Manager
etag: f5e247edc0a306d01c4956023879042a
content-type: image/webp
access-control-allow-origin
cache-control: no-transform, max-age=5184000
access-control-allow-credentials: true
content-length: 4538
expires: Mon, 14 Feb 2022 18:26:45 GMT

GET
H2 200 brandlogo-b05302845116797082390507.gif
media.douglas.de/medias/ Frame 4F9F 962 B
1 KB 285ms
186ms Image
image/webp 2a02:26f0:6c00:2af::2854
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.douglas.de/medias/brandlogo-b05302845116797082390507.gif?context=bWFzdGVyfGltYWdlc3wxNzk5fGltYWdlL2dpZnxoMWUvaGZkLzg4MjM2Mzg0OTExNjYvYnJhbmRsb2dvLWIwNTMwMjg0NTExNjc5NzA4MjM5MDUwNy5naWZ8Y2U1YzRiMDVmYTViZGMyOTM1Y2E2MmE4YjliZGVkZWMxZDcxNzg3MzdiNjMxYzc3MWNjYmQxYTRmODM4YzVkOA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2af::2854 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 0a72bf5230bcdeb25069ed524d5debf85a310d95e8155eff874e0bf45cf01435

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:45 GMT
last-modified: Sat, 18 Sep 2021 01:31:39 GMT
server: Akamai Image Manager
etag: d75e0ea45d1209ff3f4d4f3e47180c5a
content-type: image/webp
access-control-allow-origin
cache-control: no-transform, max-age=5184000
access-control-allow-credentials: true
content-length: 962
expires: Mon, 14 Feb 2022 18:26:45 GMT

GET
H2 200 SwwBzM011178-0-dgl-DE.jpg
media.douglas.de/medias/ Frame 4F9F 4 KB
5 KB 457ms
358ms Image
image/webp 2a02:26f0:6c00:2af::2854
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.douglas.de/medias/SwwBzM011178-0-dgl-DE.jpg?context=bWFzdGVyfGltYWdlc3w4MTczMXxpbWFnZS9qcGVnfGhlZC9oYWUvODgwMDk5ODU4ODQ0Ni9Td3dCek0wMTExNzhfMF9kZ2wtREUuanBnfDE2MzdjMWUxNmQ2ZTgzMGExYjY1ODgzNGExNTdkYjkwYjJkYjBlZGUxY2IzNDE5MWNlYzlhZjg0NTMzZmIwZjQ&imwidth=300
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2af::2854 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 259efa4dd5a35749493c2d0e82de58bbad200845f80f0a1e3938c58bec19fd87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:45 GMT
last-modified: Tue, 16 Nov 2021 08:15:06 GMT
server: Akamai Image Manager
etag: 61760862f835ce0048cb53faccdad871
content-type: image/webp
access-control-allow-origin
cache-control: no-transform, max-age=5184000
access-control-allow-credentials: true
content-length: 4472
expires: Mon, 14 Feb 2022 18:26:45 GMT

GET
H2 200 b0053-biotherm-368x98.png
media.douglas.de/medias/ Frame 4F9F 2 KB
3 KB 308ms
209ms Image
image/webp 2a02:26f0:6c00:2af::2854
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.douglas.de/medias/b0053-biotherm-368x98.png?context=bWFzdGVyfHJvb3R8NDkzOHxpbWFnZS9wbmd8aDYyL2hiOC8xMDMyNzQxMDkzMzc5MC9iMDA1M19iaW90aGVybV8zNjh4OTgucG5nfGUxYWRkZmYyYmJlZTE0YzZiZGRjZTBmYmVmYjZmMmM5OTA3ZmQ0Y2NkNDVhMDY0Nzg3NzQzM2RmMGU3MDRlYzk
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2af::2854 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 4e2fd3552ff75ef1020de2dc4a8dd09236da281cb979116072c58ea1503bf2c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:45 GMT
last-modified: Fri, 17 Sep 2021 03:58:30 GMT
server: Akamai Image Manager
etag: 5c5cb90df32f72c2488dace9ff2470d9
content-type: image/webp
access-control-allow-origin
cache-control: no-transform, max-age=5184000
access-control-allow-credentials: true
content-length: 2508
expires: Mon, 14 Feb 2022 18:26:45 GMT

GET
H2 200 am2Qjc987992-0-dgl-DE.jpg
media.douglas.de/medias/ Frame 4F9F 8 KB
8 KB 399ms
300ms Image
image/webp 2a02:26f0:6c00:2af::2854
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.douglas.de/medias/am2Qjc987992-0-dgl-DE.jpg?context=bWFzdGVyfGltYWdlc3w2NTE3NnxpbWFnZS9qcGVnfGg5MS9oMDgvODgwODI5MjgxMDc4Mi9hbTJRamM5ODc5OTJfMF9kZ2wtREUuanBnfGViNTg0OTZlZjJlN2QxN2MwMDdhZjIxNjQ3ZTllM2M4NWI1ZTNlMDlkZjQ3NjNiOTc3YjhiNjY4Zjc0Mjg2NzA&imwidth=300
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2af::2854 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 3b3b3d65aaed7efe9a0a12d36c68fed6f3b71e14b86c5fe3be625ff968bb9d59

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:45 GMT
last-modified: Thu, 09 Dec 2021 15:05:38 GMT
server: Akamai Image Manager
etag: db12179809b60527acc6ee7f26800e45
content-type: image/webp
access-control-allow-origin
cache-control: no-transform, max-age=5184000
access-control-allow-credentials: true
content-length: 8238
expires: Mon, 14 Feb 2022 18:26:45 GMT

GET
H2 200 brandlogo-b01292593611264999483601.gif
media.douglas.de/medias/ Frame 4F9F 858 B
1 KB 349ms
251ms Image
image/webp 2a02:26f0:6c00:2af::2854
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.douglas.de/medias/brandlogo-b01292593611264999483601.gif?context=bWFzdGVyfGltYWdlc3wxMjkyfGltYWdlL2dpZnxoMTcvaDllLzg4MjM2MzkxNDY1MjYvYnJhbmRsb2dvLWIwMTI5MjU5MzYxMTI2NDk5OTQ4MzYwMS5naWZ8NTMwYzljZDcwMjgxZTk3MDRmNWU2M2I1YTk3ZmVhM2QyZmZlM2ViZjdkYWI2MWQ3ZDAxMmIwYzViNjhhNjM1NA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2af::2854 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 7adcc40384bdf60767132af52e61348f2b13520ee1802b18d4cba5ea884e3277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:45 GMT
x-check-cacheable: YES
x-serial: 1057
etag: 23bcce96eecc67cbeade0c45896509e5
content-type: image/webp
access-control-allow-origin
cache-control: no-transform, max-age=5184000
access-control-allow-credentials: true
last-modified: Wed, 01 Dec 2021 02:20:37 GMT
content-length: 858
server: Akamai Image Manager
expires: Mon, 14 Feb 2022 18:26:45 GMT

GET
H3 200 AvenirNext-DemiBold.woff
s0.2mdn.net/sadbundle/3797721627517517824/ Frame 4F9F 91 KB
91 KB 9ms
8ms Font
font/woff 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3797721627517517824/AvenirNext-DemiBold.woff

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26e025537d86d14c420ab40df771c32350cf2e43d5cd1464165711aa9b9745ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/3797721627517517824/index.html?e=69&leftOffset=0&topOffset=0&c=pFZqVOsueb&t=1&renderingType=2
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 14:59:21 GMT
x-content-type-options: nosniff
age: 271644
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93464
x-xss-protection: 0
last-modified: Wed, 29 Sep 2021 14:27:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Dec 2022 14:59:21 GMT

GET
H3 200 douglas-logo.png_1631105832379_douglas-logo.png
s0.2mdn.net/dynamic/2/10860218/www.setka.am/showcase/Douglas/assets/ Frame CA29 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10860218/www.setka.am/showcase/Douglas/assets/douglas-logo.png_1631105832379_douglas-logo.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b84982d7606f3998699ea227e600f289754487cd8a63c785d3de364cfd327706

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/26872614139985920/index.html?e=69&leftOffset=0&topOffset=0&c=fZGp3Twssz&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 12:17:13 GMT
x-content-type-options: nosniff
age: 22172
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1917
x-xss-protection: 0
last-modified: Wed, 08 Sep 2021 12:57:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 16 Dec 2022 12:17:13 GMT

GET
H3 200 37731373_1635155559.jpg_1635155642761_37731373_1635155559.jpg
s0.2mdn.net/dynamic/2/10860218/douglas.myseamless.io/proview/proviewimg/template/ Frame CA29 61 KB
61 KB 9ms
9ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10860218/douglas.myseamless.io/proview/proviewimg/template/37731373_1635155559.jpg_1635155642761_37731373_1635155559.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f54ceed05da8f091b9585d2148b1de11ea12d0749747a13aaaf7ed65515e21e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/26872614139985920/index.html?e=69&leftOffset=0&topOffset=0&c=fZGp3Twssz&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 04:00:29 GMT
x-content-type-options: nosniff
age: 311176
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62510
x-xss-protection: 0
last-modified: Mon, 25 Oct 2021 09:54:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Dec 2022 04:00:29 GMT

GET
H2 200 bUaouc742335-0-dgl-DE.jpg
media.douglas.de/medias/ Frame CA29 2 KB
2 KB 341ms
261ms Image
image/webp 2a02:26f0:6c00:2af::2854
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.douglas.de/medias/bUaouc742335-0-dgl-DE.jpg?context=bWFzdGVyfGltYWdlc3w0MDA3NnxpbWFnZS9qcGVnfGgxYy9oZWEvODgwNDY5NzcwMjQzMC9iVWFvdWM3NDIzMzVfMF9kZ2wtREUuanBnfDVjODkzNDdlN2RkN2RmZWE5YWE1MWM2MWQxMWY1OTE3Mzc5ZjMyNTE1OTVhZDcyNWY3ZjlhZDNjNTNhNTQwMzc&imwidth=300
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2af::2854 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 01945bc58ee152bc579e7ece0080137fbb061145512405d8a9115a4d37d7c01d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:45 GMT
last-modified: Thu, 09 Dec 2021 14:59:50 GMT
server: Akamai Image Manager
etag: ac27187cea91271a5787fa307218c4ae
content-type: image/webp
access-control-allow-origin
cache-control: no-transform, max-age=5184000
access-control-allow-credentials: true
content-length: 2162
expires: Mon, 14 Feb 2022 18:26:45 GMT

GET
H2 200 brandlogo-b405116759434125672518301.jpg
media.douglas.de/medias/ Frame CA29 2 KB
2 KB 332ms
252ms Image
image/webp 2a02:26f0:6c00:2af::2854
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.douglas.de/medias/brandlogo-b405116759434125672518301.jpg?context=bWFzdGVyfGltYWdlc3wxOTE4fGltYWdlL2pwZWd8aGViL2hhOC84ODc5NzU3NTkwNTU4L2JyYW5kbG9nby1iNDA1MTE2NzU5NDM0MTI1NjcyNTE4MzAxLmpwZ3w0MDMzYWJlZjJjZWI5OWY1YWEzYzg0Mjc3M2E0ZDFlOGE5OTlhZWUyNmYwYTNkYmY2NTMxMmY2M2Y3MTU4ODc3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2af::2854 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 5ad0cdf0d7365fdad5c5bec7932a7812a015c99e2f35e5f4e6fcaccd7c844bf7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:45 GMT
x-check-cacheable: YES
x-serial: 1900
etag: b91fa4feb5d5c379f817dc825b51ca26
content-type: image/webp
access-control-allow-origin
cache-control: no-transform, max-age=5184000
access-control-allow-credentials: true
last-modified: Fri, 17 Sep 2021 08:38:54 GMT
content-length: 1588
server: Akamai Image Manager
expires: Mon, 14 Feb 2022 18:26:45 GMT

GET
H2 200 WQ4lBw867860-0-dgl-DE.jpg
media.douglas.de/medias/ Frame CA29 5 KB
5 KB 349ms
270ms Image
image/webp 2a02:26f0:6c00:2af::2854
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.douglas.de/medias/WQ4lBw867860-0-dgl-DE.jpg?context=bWFzdGVyfGltYWdlc3wxMTkzMDB8aW1hZ2UvanBlZ3xoMGYvaDYyLzg4Mzg5ODE2ODExODIvV1E0bEJ3ODY3ODYwXzBfZGdsLURFLmpwZ3wyYTlmNWIxZDlkNzlkMzY3MTNjMjY5YWQ1MTI4OGM1NTYxYzI5MWNhNWFkZjJmODA3OWM1NWUyNzBlNGU1YmE0&imwidth=300
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2af::2854 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: c039a025234d70fb173a63e7354c0a1b6fed3f7c61953903bbafb68289c80d8c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:45 GMT
x-check-cacheable: YES
x-serial: 1574
etag: 5347bf3b4babe58091fc19c8f9bb2378
content-type: image/webp
access-control-allow-origin
cache-control: no-transform, max-age=5184000
access-control-allow-credentials: true
last-modified: Mon, 27 Sep 2021 07:51:41 GMT
content-length: 5142
server: Akamai Image Manager
expires: Mon, 14 Feb 2022 18:26:45 GMT

GET
H2 200 brandlogo-b407013341712311117555296.gif
media.douglas.de/medias/ Frame CA29 1 KB
2 KB 378ms
299ms Image
image/webp 2a02:26f0:6c00:2af::2854
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.douglas.de/medias/brandlogo-b407013341712311117555296.gif?context=bWFzdGVyfGltYWdlc3wxNzk1fGltYWdlL2dpZnxoZTkvaGFiLzg4Nzk3NTc2NTYwOTQvYnJhbmRsb2dvLWI0MDcwMTMzNDE3MTIzMTExMTc1NTUyOTYuZ2lmfDczZWY4Y2U5YWM0ZGYxNTY5NzE3ZDBkYTMxNzFmOThlMTViMjhhOTIzNjBjNmI1ZGZmMzkyMzRhYTM5MzdjMGI
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2af::2854 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: bffa86005fdfb2ababfb3feadec77ad7f45d20d4eb153b6e4d78ccb3ef6b975a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:45 GMT
last-modified: Fri, 17 Sep 2021 04:38:37 GMT
server: Akamai Image Manager
etag: 0fb9598a1374305e47271278e5e7f712
content-type: image/webp
access-control-allow-origin
cache-control: no-transform, max-age=5184000
access-control-allow-credentials: true
content-length: 1416
expires: Mon, 14 Feb 2022 18:26:45 GMT

GET
H2 200 YdWHl0876709-0-dgl-DE.jpg
media.douglas.de/medias/ Frame CA29 6 KB
6 KB 2922ms
2843ms Image
image/webp 2a02:26f0:6c00:2af::2854
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.douglas.de/medias/YdWHl0876709-0-dgl-DE.jpg?context=bWFzdGVyfGltYWdlc3w1ODgxMHxpbWFnZS9qcGVnfGgyMi9oMzYvOTQ2NTk1NzQ4MjUyNi9ZZFdIbDA4NzY3MDlfMF9kZ2wtREUuanBnfDllYTc0NjBlZGYxZTI0ZWU2YjY3MzFmYjIxZjAxZDc3NmVjNTYxZjkyODBmMzZhZjgwY2M1Nzg0OTA5ZDFjOTM&imwidth=300
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2af::2854 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 05d451ade49e187c290a143ad8971b2ef89dd634c736b75be572e022f9bc5302

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:48 GMT
last-modified: Thu, 09 Dec 2021 15:47:44 GMT
server: Akamai Image Manager
etag: 19c621a2871166f13f3ead995dc0e89f
content-type: image/webp
access-control-allow-origin
cache-control: no-transform, max-age=5184000
access-control-allow-credentials: true
content-length: 5702
expires: Mon, 14 Feb 2022 18:26:48 GMT

GET
H2 200 brandlogo-b003316645722526272380996.jpg
media.douglas.de/medias/ Frame CA29 2 KB
2 KB 361ms
282ms Image
image/webp 2a02:26f0:6c00:2af::2854
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.douglas.de/medias/brandlogo-b003316645722526272380996.jpg?context=bWFzdGVyfGltYWdlc3w0Mzg1fGltYWdlL2pwZWd8aGFjL2gyYS84ODc5NzU1NTkxNzEwL2JyYW5kbG9nby1iMDAzMzE2NjQ1NzIyNTI2MjcyMzgwOTk2LmpwZ3w2MDM5MTUxZDc1NzQ3MWUyMmNmYWUxNjE0MWY1MDdmMGE0MmM5MWUyMTFkMWQ3OTExMmYzYjhiYjg4NWU1OWY0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2af::2854 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 26a3b2a7e00aa03398e57891145b167ba8784eded21a39dc128ccd158a381f3a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:45 GMT
x-check-cacheable: YES
x-serial: 1373
etag: ca78476a3fbccce1b71c42c7f07cebcd
content-type: image/webp
access-control-allow-origin
cache-control: no-transform, max-age=5184000
access-control-allow-credentials: true
last-modified: Fri, 17 Sep 2021 03:58:36 GMT
content-length: 1914
server: Akamai Image Manager
expires: Mon, 14 Feb 2022 18:26:45 GMT

GET
H3 200 AvenirNext-DemiBold.woff
s0.2mdn.net/sadbundle/26872614139985920/ Frame CA29 91 KB
91 KB 10ms
10ms Font
application/octet-stream 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/26872614139985920/AvenirNext-DemiBold.woff

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26e025537d86d14c420ab40df771c32350cf2e43d5cd1464165711aa9b9745ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/26872614139985920/index.html?e=69&leftOffset=0&topOffset=0&c=fZGp3Twssz&t=1&renderingType=2
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 12:17:15 GMT
x-content-type-options: nosniff
age: 22170
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93464
x-xss-protection: 0
last-modified: Wed, 08 Sep 2021 14:57:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Dec 2022 12:17:15 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 864B 0
733 B 53ms
52ms Script
text/html 185.33.220.216
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.216 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

872.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 18:26:45 GMT
X-Proxy-Origin: 136.243.198.81; 136.243.198.81; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: d8cdc86a-10ce-49ce-bed8-725600452fd8
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 4F08 0
733 B 18ms
18ms Script
text/html 185.33.220.216
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.216 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

872.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 18:26:45 GMT
X-Proxy-Origin: 136.243.198.81; 136.243.198.81; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: df8bedca-3ac4-41fb-bebc-3957623df2db
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK crum
dsum-sec.casalemedia.com/ Frame E93F 43 B
1 KB 14ms
14ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=27daf2c3-4bed-4777-b0e5-6fe1e0f34c92&expiration=1647455205
Requested by: Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://um2.eqads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 18:26:45 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 16 Dec 2021 18:26:45 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F85E 42 B
64 B 43ms
42ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssVD97MvEAj_338cgPX4Wg2KbT9TQYgJSeylPfv0TWiLy7gQKP6Bz35gw3izGTLRTOW4z2Fe6HHPgtu83TG1TJYIK_4lxrRmlUxpQ&sai=AMfl-YTDSQIUM8OCP4zH17s_OO57We-TJM15snw7J7jkepvtMiZWOez0LD_itlYBjU6s_KZPwq36d3p5DF8io6zyJoXVoebVaAV1Q1n8keUA2VkR-6eEghJTYO6wvfShvBg&sig=Cg0ArKJSzPGV3iT2OokMEAE&cid=CAASFeRo5RK-OozLOgL6czxRpqtV9inZNw&id=lidar2&mcvt=1033&p=374,1082,628,1382&mtos=0,1033,1033,1033,1033&tos=0,1033,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=1414505084&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1639679200869&rpt=2749&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js Show response
pagead2.googlesyndication.com/bg/ Frame 38FB 35 KB
13 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53f0cf5f2fef7e5a938d553f62eb56266d1ac4e244eb7dcd40630614485fdacd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 13:27:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 190773
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13577
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Dec 2022 13:27:12 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3807 42 B
64 B 44ms
43ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvfsP2uQqykwDDkSQHntH5sZbn_NEZyb4yu3qBYpnRBuS4_LA7HTMx7ucQ6uPbdbkR-4MbHuRGYfjL2te31ibOnGntrarQqD9atyE_hyp2qVEjqcl4&sai=AMfl-YQDNGQLYPvdasUASNx4F1W90FJsXmrgs3rrhQvK91CCoyNuiLxJz7QVTfoMIq7bdnzo3Cg95x4HrN_dtTJ6RWUwsbGaxsFr4ggcczcBfJGi4VHRvNKw6IHBF1cQU_A&sig=Cg0ArKJSzBIw0YuTD0O4EAE&cid=CAASFeRoWWKFmqJ8NLClbNoz0FFNEEIonw&id=lidar2&mcvt=1024&p=8,315,258,1285&mtos=1024,1024,1024,1024,1024&tos=1024,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=4166723991&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1639679200825&rpt=3107&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7306 0
20 B 45ms
42ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BQGhS4oS7YbjgHpeu7gOToJ7IBwAAAAA4AeAEAg&bg=!4uGl4aXNAAZKWFskSlg7ACkAdvg8WnpUZRhdk2t5-xnI3SIiOy9QvBTD7O88KJ2R-iSPAAapmJtLoAIAAAIgUgAAADJoAQeZAw06BfkdBBBg--4PJAE0GurV-933q9QU2gFjFofhXdkk95HGpGpS4MdZg9Ns2qLRz-sS6VbuwH06hh0tyfzSZ6RIi8u8JCZAwRLulP7T2fyLi3qWlPPDtjLhP2e-ioyiKO1CwyIRJlNf2sv6p-etMVSIxTTMUuRXakvAuIKawZF9CSaJ1DxQIem9SfL6EXcTzp82_ZKxnRz5CcEy1MVmX2gbzI2HjNU6AEtn_P3sHAzw4SbEyRk5Hzgi_yMJL4aBAHlwdhQ-gQhOA_Kc_hcFtQ0W0HZylHcEjtuZFz8szCdxeCx9f9e2x_yIFLk3u_5YENswBIbs7tFmApaVK0cnHs-4v01TTxinF0hHdT4Z9piEvPKKBn_lWYd7s0hiA9NWYBh40Ws5nXuKJ1MYFFU77YKDoWiICZJ_GmF_JlLjB4aObnd9gb3igB-oFbNeL14QKakvLEg5cBXHMCbP46sQPp61Mf8Y1rA8kaPYd9rMgk5f3xJmWLosJLyjRn7FCbIhE-xERKpZk4tHIDIn9Ysv2osTvxNdWjOi6Or-ZI5sUq_SnW-zvv_Gwz9Clsa1iUiaRiifEDEox8TktsH61LKAeAYn_E-D3JoDw90E3qzjjSd080DGdN_qqb33uO4nzZ_0wykr9fZuS-KAnuhClWYi6x4bensJsx6kl0PhUgGOWQPMfVRKKT0sSoEfgew-tJg9D6IjuRUYE63nO01TgoPunz_hevSuFh7sRScdZdXxRUgHTZui7EfHW1Z1Akg42E55lE_RujY6uNhx-8iH9jiabYNBX5qSaUU9xZz_jA8okfMlTScLaUPShnDfZ-68bh2cFIL3HBgalTT5N8iN3AoqB38g2_qKN-_U49iac5Duox1WVS8RJcAda-rpMGxEm7PG9OCSMYebmQ7xNCqTbo5XksJin7hW_PK7fSQ7KxXGx_uAQBeYlJKncmgABfi65yd8a80YTgQwoVF_ufhN7gAV5mvgLUBGPMEKrN91h9W90ltqA2ZgxE8osgTX_Kp1Elm8UsM9uuoUvPw4jVv1xbeM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync Show response
eb2.3lift.com/ Frame D792
Redirect Chain

https://eb2.3lift.com/sync?
https://eb2.3lift.com/sync?&ld=1

1 KB
1 KB

10ms
9ms

Document
text/html

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?&ld=1
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: facb3d8be1db6c30f049b33e4b52d4b85232b84cbba9694b2f23de5efbdbf99c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/

Response headers

date: Thu, 16 Dec 2021 18:26:45 GMT
content-type: text/html; charset=utf-8
content-length: 459
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

Redirect headers

date: Thu, 16 Dec 2021 18:26:45 GMT
content-length: 0
location: /sync?&ld=1
cache-control: no-cache, no-store, must-revalidate
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 sync.html Show response
public.servenobid.com/ Frame C10C 8 KB
4 KB 46ms
8ms Document
text/html 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://public.servenobid.com/sync.html
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bbfd30e5fd2bd475d319b5b55ab61469966d1517b703f9bd830a6f3207387c27

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/

Response headers

cache-control: max-age=86400
content-type: text/html
content-encoding: br
last-modified: Wed, 15 Dec 2021 19:31:35 GMT
accept-ranges: bytes
etag: "32347ab14bd5257f1f3d2e210ba82276"
server: AmazonS3
x-cache: TCP_HIT
x-amz-id-2: iDdUrZMisQMcR3DUjHJzUEDU6VVjk2bG2bw4cAMHsNf0iJA5KWhVJQuUrTPsS2FyrbQI0p5WrL4=
x-amz-request-id: 2SE95SNRRF9AJKB1
x-amz-meta-codebuild-content-sha256: 8644b4f52d5a37b8f0b84f0bbcfa66f9e0f7f97407e4d25c13a055f86b22baed
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:0897103a-6355-4b89-92f6-53a82b1da700
x-amz-meta-codebuild-content-md5: 276cf0a41034befc9a603617ae1a1731
x-azure-ref-originshield: 0Yma7YQAAAAD1MS7RWHiVQ5s8s1wxsVv6QU1TMDRFREdFMTkwNgA4NGU3ZGZhMi0xNDQyLTQzMzQtYjM0Zi1lNDJkM2Y3ZGRhZDk=
x-azure-ref: 05YS7YQAAAABitOrak8ttTodbroZ9rJNKRlJBRURHRTEwMjIAODRlN2RmYTItMTQ0Mi00MzM0LWIzNGYtZTQyZDNmN2RkYWQ5
date: Thu, 16 Dec 2021 18:26:44 GMT

GET
H/1.1 204
No Content beacon
ap.lijit.com/ Frame 51EC 0
0 164ms
163ms Document
text/plain 63.251.14.14
INTERNAP-BLOCK-4

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?informer=13394437
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.14.14 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software: nginx / raptor
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/

Response headers

Server: nginx
Date: Thu, 16 Dec 2021 18:26:45 GMT
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
X-Sovrn-Pod: ad_ap1sea1

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 5756 281 B
554 B 36ms
7ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "40014-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 16 Dec 2021 18:26:45 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 0425 52 KB
17 KB 12ms
11ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Fri, 17 Dec 2021 18:26:47 GMT
Date: Thu, 16 Dec 2021 18:26:45 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 4A63 14 KB
5 KB 9ms
9ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=32246
expires: Fri, 17 Dec 2021 03:24:11 GMT
date: Thu, 16 Dec 2021 18:26:45 GMT
vary: Accept-Encoding

GET
H3 200 pd Show response
eu-u.openx.net/w/1.0/ Frame EF8F 542 B
357 B 24ms
23ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e1b1f5e1-3c2c-4287-9806-317cfbf3bd12&gdpr=0
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.0.0 /
Resource Hash: ebf7729bbbad2de321e50de6f30ae0a5c613fdbbebb3b2015a2f8435409c5abb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/17.0.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Thu, 16 Dec 2021 18:26:45 GMT
content-type: text/html
content-length: 338
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1

200
OK

2000891.html Show response
serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/ Frame 0624
Redirect Chain

https://sync.serverbid.com/ss/2000891.html
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html

5 KB
5 KB

41ms
11ms

Document
text/html

205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html

Requested by

Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

f3d66b78ca0c93adf48dec8533da3c4db538cc648dc60e383d5fd0b666859206

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/

Response headers

Date: Thu, 16 Dec 2021 18:26:45 GMT
Connection: Keep-Alive
Cache-Control: max-age=48744
Content-Length: 4947
Content-Type: text/html
Last-Modified: Wed, 20 Nov 2019 20:29:05 GMT
Accept-Ranges: bytes
etag: "1b0ebac83fe30af80513039edbdf566f"
x-amz-request-id: tx0000000000000024f76a9-0061baf1cd-ef451db-nyc3a
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 185
x-rgw-object-type: Normal
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1639679205.dop120.fr8.t,1639679205.cds160.fr8.shn,1639679205.dop120.fr8.t,1639679205.cds227.fr8.c

Redirect headers

content-length: 0
location: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
cache-control: no-cache

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 1552 2 KB
1 KB 10ms
7ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Thu, 16 Dec 2021 18:26:45 GMT
Connection: keep-alive

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 81C2 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B0r_P44S7YcvGDpiu7_UPza2KwAgAAAAAOAHgBAI&bg=!YmGlYSXNAAZKWFskSlg7ACkAdvg8WrxZde13JDfESG4_q1QS5QINBfq5oJWcVR3IK6eQATBOouEI-QIAAAIKUgAAADloAQeZAyQ3aIy1VgQX-JiVJ42veyiQS15IjU_sDBvzXlMmBIT94jTuW9CSFqJ4N0uR7IUVU3XDclA6TJpWlBBpJPszLGNfNr-2CvJ2Z-gF93ttT-cV44C7_GhSrVwNpxkL67xcleoR07Y4RlS575mgfIQ_kUxojcVjZ7qv0l23h-piMvx42qb0i5yDIAHAYkwJ0sQLozB2FRYyR3PrHGkkHSlMIfnks2E5Kgcq87IqHu_VjLAAfZDFG9qeyhqShGT_HUpouZLrFwEYhVLjH5c1RObaeu9de3Bb8xteNFmjDZ_ZniBpEFjYUvkB7XLxVB3Vu_CVGIsWY1KVdowuqNYD_jVBO3Rt4TiHZrRFyWQ2nMcUD_1ucgON1gwQ6PHUQ66iQZ0mHJ5iSqIO4ny8LdX8FaJODWIl1WVmLfIZVta1dHFcDVRuOzaSrKHxCREAPGKkXtpYaLgr28kCQn57SwqPbqrQnmU0BrMfXoVobBM331Lps4m2uLZGlXIgsS946huMLRvoS5kBMZ0_dhoACQFK9CHPs0x7WHnN5pETe5p4q04lvBVuBLjKEwgpD114QXx8ND8FJbAvKCZBY7RNnKQ_JEKfaij1x88UVqDqgQSXylNgAAoEAXHy5wHxunXFJcpBv0FQ45VShOnp8S3R8Y1lyV7X18wx3hbRjZLYsGBEj_MpSa1Gmdxd-U98veK6ef3EBVif01iUlxe-yzGOxFTpk1ajSx9DLpHq5dItYml1D1IGveOIPFGKzQu0W7FzA6ytmv0fXMVTe-20r2cnn0CVHLEQKexMyWI8kLp44bTlZqvugtPjm501_5X8yd8HSPc5haTZRp9Uo_5veNxH2n-iPiBd9nRbyCpip92IEEfkpR1eqsxstXeuyFSauH36ioylINxQEp8MDipzmL4V-zxXuY6uz_VXSva5LBNolJhP0QSW_fp5bJ8fTj7eoUpDvV3OWIscYqdzsn7P6FWcOdn0vRjpK3XM9FcbariBGe-sryF2SSKmX7-kPGgJzkcP_EyH8XnvE5GOPAKkaC7NTNU_R96KDmWBaF7sBMTS5TE2imn7lhxb1s6xGcs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 5756 32 KB
10 KB 27ms
27ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e5468112933b663f6a84084845c0264056f805300bfe046db490491dacabb76b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 18:26:45 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Dec 2021 23:04:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=16737
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9696
Expires: Thu, 16 Dec 2021 23:05:42 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 0425 0
733 B 35ms
35ms Script
text/html 185.33.220.216
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.216 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

872.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 18:26:45 GMT
X-Proxy-Origin: 136.243.198.81; 136.243.198.81; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 1b91ebd0-defc-45c0-a835-b39c69d7a91b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame EF8F 43 B
352 B 37ms
19ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e1b1f5e1-3c2c-4287-9806-317cfbf3bd12&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:45 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: h6ahfbjo7j1h69rj4mj7njkbvlm98rpl

GET
H2 200 90789925-deec-e309-c556-ec4d2fb237d0
pr-bh.ybp.yahoo.com/sync/openx/ Frame EF8F 43 B
875 B 33ms
33ms Image
image/gif 2a05:d018:d29:3602:7523:c0c8:9412:6c81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/90789925-deec-e309-c556-ec4d2fb237d0?gdpr=0

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e1b1f5e1-3c2c-4287-9806-317cfbf3bd12&gdpr=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:7523:c0c8:9412:6c81 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:45 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H3

200

sd
eu-u.openx.net/w/1.0/ Frame EF8F
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=1tDHbrUE1MXVsN5

43 B
61 B

24ms
23ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=1tDHbrUE1MXVsN5
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e1b1f5e1-3c2c-4287-9806-317cfbf3bd12&gdpr=0
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:45 GMT
via: 1.1 google
server: OXGW/17.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 18:26:45 GMT
Server: PingMatch/v2.0.30-693-g87a8e09#rel-ec2-master i-007d40ea11cf721ba@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=1tDHbrUE1MXVsN5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame EF8F
Redirect Chain

https://x.bidswitch.net/sync?ssp=openx
https://x.bidswitch.net/ul_cb/sync?ssp=openx
https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=openx&bds_param=1f84e4a2-4b65-4f6b-969d-c68d9d026a21
https://x.bidswitch.net/sync?dsp_id=340&user_id=95365e04-c8af-4a62-a1ef-30ebeec74c2f&expires=10&ssp=openx&bsw_param=1f84e4a2-4b65-4f6b-969d-c68d9d026a21
https://us-u.openx.net/w/1.0/sd?id=537072968&val=1f84e4a2-4b65-4f6b-969d-c68d9d026a21

43 B
61 B

18ms
18ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072968&val=1f84e4a2-4b65-4f6b-969d-c68d9d026a21
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e1b1f5e1-3c2c-4287-9806-317cfbf3bd12&gdpr=0
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:46 GMT
via: 1.1 google
server: OXGW/17.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location: //us-u.openx.net/w/1.0/sd?id=537072968&val=1f84e4a2-4b65-4f6b-969d-c68d9d026a21
Date: Thu, 16 Dec 2021 18:26:46 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3

200

sd
eu-u.openx.net/w/1.0/ Frame EF8F
Redirect Chain

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=3343957620543684404

43 B
61 B

22ms
22ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=3343957620543684404
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e1b1f5e1-3c2c-4287-9806-317cfbf3bd12&gdpr=0
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:45 GMT
via: 1.1 google
server: OXGW/17.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 18:26:45 GMT
X-Proxy-Origin: 136.243.198.81; 136.243.198.81; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 95db21e3-a94d-434a-a3b3-467f077c1db9
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=3343957620543684404
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

adx
match.prod.bidr.io/cookie-sync/ Frame EF8F
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ox
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFJWHNrN0Rkd29BQUQtaVprVnFMZw&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1

43 B
430 B

35ms
35ms

Image
image/gif

52.49.53.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e1b1f5e1-3c2c-4287-9806-317cfbf3bd12&gdpr=0

Protocol

HTTP/1.1

Server

52.49.53.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-53-128.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
Date: Thu, 16 Dec 2021 18:26:46 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:46 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 360
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame D792 70 B
264 B 36ms
35ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:45 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

404

xuidmid=7976&xuid=Bs2tB4OfM&dongle=u6nf
eb2.3lift.com/ Frame D792
Redirect Chain

https://ad.mrtnsvr.com/sync/triplelift
https://eb2.3lift.com/xuidmid=7976&xuid=Bs2tB4OfM&dongle=u6nf

37 B
155 B

9ms
9ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuidmid=7976&xuid=Bs2tB4OfM&dongle=u6nf
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:45 GMT
cache-control: no-cache, no-store, must-revalidate
x-error: Not Found
content-length: 37
content-type: image/gif

Redirect headers

location: https://eb2.3lift.com/xuidmid=7976&xuid=Bs2tB4OfM&dongle=u6nf
date: Thu, 16 Dec 2021 18:26:45 GMT
via: 1.1 google
alt-svc: clear
content-length: 92
vary: Origin
content-type: text/html; charset=utf-8

GET
H2

200

xuid
eb2.3lift.com/ Frame D792
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEBNP-OSmUuLGUz4eSDmYx68&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1

37 B
353 B

12ms
12ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEBNP-OSmUuLGUz4eSDmYx68&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:45 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEBNP-OSmUuLGUz4eSDmYx68&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D792
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM0MjAzODAzNTczNzA5NTYzNjE%3D

170 B
188 B

19ms
18ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM0MjAzODAzNTczNzA5NTYzNjE%3D

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM0MjAzODAzNTczNzA5NTYzNjE%3D
date: Thu, 16 Dec 2021 18:26:45 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 setuid
px.ads.linkedin.com/ Frame D792 0
705 B 141ms
120ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=13420380357370956361&dbredirect=true&gdpr=1&consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:45 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: A446CEC4F2F44768AC591755C10EA871 Ref B: FRAEDGE0806 Ref C: 2021-12-16T18:26:45Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXTR5CdH0Ui0divdLGDrQ==

GET
H2

200

xuid
eb2.3lift.com/ Frame D792
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/triplelift/13420380357370956361?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2662&xuid=y-I9_oQD9E2oSfgp9WWiyH8u7JxTk.yP1jSAHjHSnugw--~A&dongle=0883

37 B
353 B

11ms
11ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2662&xuid=y-I9_oQD9E2oSfgp9WWiyH8u7JxTk.yP1jSAHjHSnugw--~A&dongle=0883
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:45 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Thu, 16 Dec 2021 18:26:45 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://eb2.3lift.com/xuid?mid=2662&xuid=y-I9_oQD9E2oSfgp9WWiyH8u7JxTk.yP1jSAHjHSnugw--~A&dongle=0883
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame D792 43 B
220 B 26ms
8ms Image
image/gif 3.126.38.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=triplelift&user_id=13420380357370956361&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.126.38.41 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-38-41.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 18:26:45 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 c.gif
c.bing.com/ Frame D792 42 B
594 B 55ms
34ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?xid=13420380357370956361&Red3=TLMS_pd
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:45 GMT
etag: "f95a3e4769d2d71:0"
last-modified: Fri, 05 Nov 2021 17:19:23 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E71B1EBEFDF649F087BCBCEB82B59409 Ref B: FRAEDGE1213 Ref C: 2021-12-16T18:26:45Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

GET
H/1.1

200
OK

iu3
s.amazon-adsystem.com/ Frame D792
Redirect Chain

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=13420380357370956361
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=13420380357370956361&dcc=t

0
0

108ms
107ms

Image
text/html

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=13420380357370956361&dcc=t
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: HTTP/1.1
Server: 209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 18:26:45 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: P4JZDKAPRKP8SC988SY9
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=13420380357370956361&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame D792
Redirect Chain

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

37 B
139 B

11ms
10ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:46 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

Location: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma: no-cache
Date: Thu, 16 Dec 2021 18:26:46 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 95
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK usermatch Show response
ssum-sec.casalemedia.com/ Frame 1AE3 2 KB
3 KB 27ms
26ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6e66b33313a6c666ea12b3bc61f7e6e67d7e8fd11b2567163ff61b75772e4599

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 73|88|130|3|241|195|51|81
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1699
Expires: Thu, 16 Dec 2021 18:26:45 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 16 Dec 2021 18:26:45 GMT
Connection: keep-alive

GET
H2 200 13926 Show response
g2.gumgum.com/usync/ Frame FD96 4 KB
2 KB 103ms
38ms Document
text/html 52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 38a153aaf008fbbc5ff2e234c258cd739e4941fe5b945ccb3c0bec6d4e9377e9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/

Response headers

date: Thu, 16 Dec 2021 18:26:45 GMT
content-type: text/html;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
etag: W/"0cd086d92795605d6064d38c337059b92"
timing-allow-origin: *
content-encoding: gzip

GET
H2 204 ps
pixel.33across.com/ Frame DE69 0
0 303ms
100ms Document
text/plain 67.202.105.21
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26uid%3D33XUSERID33X
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.21 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip21.67-202-105.static.steadfastdns.net
Software: 33XP002 /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/

Response headers

x-33x-status: 2000208
server: 33XP002
date: Thu, 16 Dec 2021 18:26:45 GMT

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame E757 2 KB
814 B 28ms
11ms Document
text/html 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK sync Show response
ssbsync.smartadserver.com/api/ Frame 2645 716 B
966 B 48ms
15ms Document
text/html 185.86.137.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: b72cc85132e6fb7b97ef26e61fb81355c37537b807bbe77ccb9197e461d0bd38

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/

Response headers

date: Thu, 16 Dec 2021 18:26:45 GMT
content-type: text/html
content-length: 716

GET
H/1.1 200
OK usermatch Show response
ssum-sec.casalemedia.com/ Frame 61AA 2 KB
3 KB 19ms
17ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: dea365e6d3463e4a662b2f166142c912105b01ebb61b568089e042dc34659f2c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 73|206|4|130|230|65|3|190
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1605
Expires: Thu, 16 Dec 2021 18:26:45 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 16 Dec 2021 18:26:45 GMT
Connection: keep-alive

GET
H2

200

sync
ads.servenobid.com/ Frame C10C
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
https://ads.servenobid.com/sync?pid=312&uid=3343957620543684404

0
344 B

32ms
32ms

Image
image/avif

52.211.199.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=312&uid=3343957620543684404
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.211.199.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-199-54.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:45 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 18:26:45 GMT
X-Proxy-Origin: 136.243.198.81; 136.243.198.81; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 105b5ebb-1154-4e76-b492-148cc19bdac9
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ads.servenobid.com/sync?pid=312&uid=3343957620543684404
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame C10C
Redirect Chain

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
https://ads.servenobid.com/sync?pid=310&uid=3dca89b7fdd10c39453eec1d

0
347 B

34ms
33ms

Image
image/avif

52.211.199.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=310&uid=3dca89b7fdd10c39453eec1d
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.211.199.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-199-54.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:46 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 18:26:46 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ads.servenobid.com/sync?pid=310&uid=3dca89b7fdd10c39453eec1d
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2sea1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame C10C
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=444403837
https://sync.1rx.io/usersync/tradedesk/81af1dac-941a-4a28-8cd7-842422c9914d
https://sync.targeting.unrulymedia.com/csync/RX-2b95287c-c7c2-4d50-bd82-7ce23c3e787b-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-2b95287c-c7c2-4d50-bd82-7ce23c3e787b-003
https://ads.servenobid.com/sync?pid=321&uid=RX-2b95287c-c7c2-4d50-bd82-7ce23c3e787b-003

0
361 B

33ms
33ms

Image
image/avif

52.211.199.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=321&uid=RX-2b95287c-c7c2-4d50-bd82-7ce23c3e787b-003
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.211.199.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-199-54.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:46 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=321&uid=RX-2b95287c-c7c2-4d50-bd82-7ce23c3e787b-003
date: Thu, 16 Dec 2021 18:26:46 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX2b95287cc7c24d50bd827ce23c3e787b003
content-type: text/html

GET
H2 200 101954
jadserve.postrelease.com/suid/ Frame C10C 43 B
427 B 503ms
166ms Image
image/gif 54.219.155.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/101954?ntv_r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D322%26uid%3DNTV_USER_ID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.219.155.58 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-219-155-58.us-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:46 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame C10C
Redirect Chain

https://p.rfihub.com/cm?pub=44007&in=1
https://ads.servenobid.com/sync?pid=324&uid=969751677169756561

0
344 B

43ms
40ms

Image
image/avif

52.211.199.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=324&uid=969751677169756561
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.211.199.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-199-54.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:46 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Location: https://ads.servenobid.com/sync?pid=324&uid=969751677169756561
Date: Thu, 16 Dec 2021 18:26:46 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK usa
sync.go.sonobi.com/ Frame C10C 0
474 B 62ms
14ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 18:26:45 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame C10C
Redirect Chain

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
https://ads.servenobid.com/sync?pid=327&uid=085e865d-3ae0-41ec-a6d0-44825dac8346&gdpr=0&gdpr_consent=&us_privacy=1YN-

0
356 B

33ms
32ms

Image
image/avif

52.211.199.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=327&uid=085e865d-3ae0-41ec-a6d0-44825dac8346&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.211.199.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-199-54.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:45 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=327&uid=085e865d-3ae0-41ec-a6d0-44825dac8346&gdpr=0&gdpr_consent=&us_privacy=1YN-
date: Thu, 16 Dec 2021 18:26:45 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
server: envoy
content-length: 0

GET
H2

200

sync
ads.servenobid.com/ Frame C10C
Redirect Chain

https://ups.analytics.yahoo.com/ups/58559/occ
https://ads.servenobid.com/sync?pid=337&uid=y-Sa_Mxe5E2uHKcHC3M3fyjthF3K86tBMTUrRwN.s-~A

0
366 B

36ms
35ms

Image
image/avif

52.211.199.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=337&uid=y-Sa_Mxe5E2uHKcHC3M3fyjthF3K86tBMTUrRwN.s-~A
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.211.199.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-199-54.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:45 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=337&uid=y-Sa_Mxe5E2uHKcHC3M3fyjthF3K86tBMTUrRwN.s-~A
date: Thu, 16 Dec 2021 18:26:45 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 YbuE48FpMdYRks-S89acmwAABIkAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 1AE3 43 B
875 B 37ms
35ms Image
image/gif 2a05:d018:d29:3602:7523:c0c8:9412:6c81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YbuE48FpMdYRks-S89acmwAABIkAAAAB?gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:7523:c0c8:9412:6c81 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:45 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H2 200 ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame 1AE3 85 B
260 B 2062ms
2061ms Image
image/png 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:48 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1639679206.981952,VS0,VE2044
x-served-by: cache-fra19150-FRA
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-type: image/png
content-length: 85
x-cache-hits: 0

GET
H/1.1 200
OK ie
match.prod.bidr.io/cookie-sync/ Frame 1AE3 43 B
430 B 32ms
32ms Image
image/gif 52.49.53.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/ie?gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.49.53.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-53-128.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
Date: Thu, 16 Dec 2021 18:26:45 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 1AE3
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3e1961bb-84e0-4600-baae-3f1a6ae2d154&gdpr=1&gdpr_consent=

43 B
1 KB

19ms
18ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3e1961bb-84e0-4600-baae-3f1a6ae2d154&gdpr=1&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 18:26:46 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 16 Dec 2021 18:26:46 GMT

Redirect headers

Date: Thu, 16 Dec 2021 18:26:46 GMT
Server: MT3 4133 baa842e master zrh-pixel-x31 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3e1961bb-84e0-4600-baae-3f1a6ae2d154&gdpr=1&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 16 Dec 2021 18:26:45 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 1AE3
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YbuE48FpMdYRks-S89acmwAABIkAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YbuE48FpMdYRks-S89acmwAABIkAAAAB&dcc=t

43 B
645 B

110ms
108ms

Image
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YbuE48FpMdYRks-S89acmwAABIkAAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 18:26:46 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: VYABH42WH2DADS15T4YP
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 18:26:46 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: PB0XE4HZ8VHQ6P3YQB73
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YbuE48FpMdYRks-S89acmwAABIkAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 1AE3
Redirect Chain

https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-56891bea-9fa6-48ef-80f9-0c79bc24b2b4

43 B
1 KB

16ms
15ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-56891bea-9fa6-48ef-80f9-0c79bc24b2b4
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 18:26:46 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 16 Dec 2021 18:26:46 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-56891bea-9fa6-48ef-80f9-0c79bc24b2b4
date: Thu, 16 Dec 2021 18:26:46 GMT
server: Apache-Coyote/1.1
content-length: 0

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 1AE3 43 B
220 B 10ms
8ms Image
image/gif 3.126.38.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.126.38.41 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-38-41.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 18:26:45 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1AE3
Redirect Chain

https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=Ye4Bjm_rB4p6uwDbZ-dOjWC9Vth6uwbfZuau00Xi

43 B
1 KB

20ms
20ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=Ye4Bjm_rB4p6uwDbZ-dOjWC9Vth6uwbfZuau00Xi
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 18:26:46 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 16 Dec 2021 18:26:46 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:45 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=Ye4Bjm_rB4p6uwDbZ-dOjWC9Vth6uwbfZuau00Xi
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame 1AE3 43 B
425 B 14ms
12ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YbuE48FpMdYRks.S89acmwAA%261161
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 18:26:45 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "902a3d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=2494
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 16 Dec 2021 19:08:19 GMT

GET
H2 200 YbuE48FpMdYRks-S89acmwAABIkAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 61AA 43 B
875 B 44ms
42ms Image
image/gif 2a05:d018:d29:3602:7523:c0c8:9412:6c81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YbuE48FpMdYRks-S89acmwAABIkAAAAB?gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:7523:c0c8:9412:6c81 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:45 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H2 204 sync
ups.analytics.yahoo.com/ups/55940/ Frame 61AA 0
15 B 11ms
10ms Image
text/plain 3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YbuE48FpMdYRks-S89acmwAABIkAAAAB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:45 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 61AA
Redirect Chain

https://ad.turn.com/r/cs?pid=21&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7881695143172826811

43 B
1 KB

14ms
13ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7881695143172826811
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 18:26:46 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 16 Dec 2021 18:26:46 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7881695143172826811
pragma: no-cache
date: Thu, 16 Dec 2021 18:26:45 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1 200
OK ie
match.prod.bidr.io/cookie-sync/ Frame 61AA 43 B
430 B 72ms
34ms Image
image/gif 52.49.53.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/ie?gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.49.53.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-53-128.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
Date: Thu, 16 Dec 2021 18:26:46 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 61AA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YbuE48FpMdYRks-S89acmwAABIkAAAAB&gdpr_consent=&us_privacy=&gdpr=1
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENn4RGneShp1yoyf9x4cCt8&google_cver=1

43 B
315 B

17ms
17ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENn4RGneShp1yoyf9x4cCt8&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 18:26:46 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Thu, 16 Dec 2021 18:26:46 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENn4RGneShp1yoyf9x4cCt8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum.casalemedia.com/ Frame 61AA
Redirect Chain

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1639765606&gdpr=1

43 B
315 B

33ms
12ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1639765606&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 18:26:46 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Thu, 16 Dec 2021 18:26:46 GMT

Redirect headers

location: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1639765606&gdpr=1
pragma: no-cache
date: Thu, 16 Dec 2021 18:26:46 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
content-length: 0
expires: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 61AA
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3e1961bb-84e0-4600-baae-3f1a6ae2d154&gdpr=1&gdpr_consent=

43 B
1 KB

18ms
18ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3e1961bb-84e0-4600-baae-3f1a6ae2d154&gdpr=1&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 18:26:46 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 16 Dec 2021 18:26:46 GMT

Redirect headers

Date: Thu, 16 Dec 2021 18:26:46 GMT
Server: MT3 4133 baa842e master zrh-pixel-x14 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3e1961bb-84e0-4600-baae-3f1a6ae2d154&gdpr=1&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 16 Dec 2021 18:26:45 GMT

GET
H/1.1 400
Request failed due to privacy signals getuid
ib.adnxs.com/ Frame 61AA 0
0 16ms
14ms Image
text/html 185.33.220.216
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.220.216 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 872.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2 200 sync
ads.servenobid.com/ Frame 61AA 0
356 B 36ms
34ms Image
image/avif 52.211.199.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=333&uid=YbuE48FpMdYRks-S89acmwAABIkAAAAB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.199.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-199-54.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:46 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H2 200 sync
ads.servenobid.com/ Frame 2645 0
344 B 39ms
38ms Image
image/avif 52.211.199.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=317&uid=6061981485391032988&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.199.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-199-54.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:45 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame 2645
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7042368557124876440&gdpr=0&gdpr_consent=

43 B
448 B

17ms
17ms

Image
image/gif

185.86.138.142
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7042368557124876440&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: HTTP/1.1
Server: 185.86.138.142 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:46 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Location: https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7042368557124876440&gdpr=0&gdpr_consent=
Date: Thu, 16 Dec 2021 18:26:47 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame 2645
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%4...
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=a2cc65bc-2b67-4f97-9adc-e7b868356304&gdpr=0&gdpr_consent=

43 B
425 B

65ms
16ms

Image
image/gif

185.86.138.142
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=a2cc65bc-2b67-4f97-9adc-e7b868356304&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: HTTP/1.1
Server: 185.86.138.142 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:45 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:45 GMT
server: Kestrel
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=a2cc65bc-2b67-4f97-9adc-e7b868356304&gdpr=0&gdpr_consent=
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1676909
content-length: 0
expires: Thu, 16 Dec 2021 00:00:00 GMT

GET
H2 204 /
s.ad.smaato.net/c/ Frame 2645 0
240 B 52ms
9ms Image
text/plain 2600:9000:2156:c600:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:c600:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:46 GMT
via: 1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront)
server: CloudFront
cache-control: no-cache, must-revalidate
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: YIvdL6Rn9LFL0yzMx1O7V5GWDNhj9gAQd3geMu7Oncd0nhdKk7K8tQ==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame 2645
Redirect Chain

https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent=
https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=s...
https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=smartadserver
https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=1f84e4a2-4b65-4f6b-969d-c68d9d026a21&gdpr=&gdpr_consent=

43 B
163 B

17ms
17ms

Image
image/gif

185.86.138.142
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=1f84e4a2-4b65-4f6b-969d-c68d9d026a21&gdpr=&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: HTTP/1.1
Server: 185.86.138.142 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:46 GMT
transfer-encoding: chunked
content-type: image/gif

Redirect headers

Location: //rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=1f84e4a2-4b65-4f6b-969d-c68d9d026a21&gdpr=&gdpr_consent=
Date: Thu, 16 Dec 2021 18:26:46 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

usersync
rtb.gumgum.com/ Frame FD96
Redirect Chain

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
https://rtb.gumgum.com/usersync?b=apn&i=3343957620543684404

35 B
237 B

84ms
83ms

Image
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=apn&i=3343957620543684404
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:46 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 18:26:46 GMT
X-Proxy-Origin: 136.243.198.81; 136.243.198.81; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 46e16ff8-d11f-4278-a5ea-92fd16fcbff2
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://rtb.gumgum.com/usersync?b=apn&i=3343957620543684404
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

usersync
rtb.gumgum.com/ Frame FD96
Redirect Chain

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_823bb8d7-297f-4f67-b6c1-59a6861e3c1c&gdpr=0&gdpr_consent=&us_privacy=1---
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=6e4218d0-9603-44be-8e63-3bea50b05bdf&ssp=gumgum2
https://rtb.gumgum.com/usersync?b=bsw&i=1f84e4a2-4b65-4f6b-969d-c68d9d026a21

35 B
237 B

92ms
90ms

Image
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=bsw&i=1f84e4a2-4b65-4f6b-969d-c68d9d026a21
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:46 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Location: //rtb.gumgum.com/usersync?b=bsw&i=1f84e4a2-4b65-4f6b-969d-c68d9d026a21
Date: Thu, 16 Dec 2021 18:26:46 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame FD96
Redirect Chain

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28hpurPWIk5LnyuDuc8wg0AMNEF4j2b2YK3u04jR6F2Vd70exoqh2JX8ZiOsokTdwe%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_823bb8d7-297f-4f67-b6c1-59a6861e3c1c&obuid=ENC(hpurPWIk5LnyuDuc8wg0AMNEF4j2b2YK3u04jR6F2Vd70exoqh2JX8ZiOsokTdwe)
https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
https://pixel.advertising.com/ups/58440/sync?&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&redir=true
https://ups.analytics.yahoo.com/ups/58440/sync?&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&redir=true&apid=UPb81cbc5c-5e9d-11ec-b14d-060408bf6fde
https://sync.outbrain.com/cookie-sync?p=oath&uid=UPb81cbc5c-5e9d-11ec-b14d-060408bf6fde

0
309 B

94ms
93ms

Image
text/plain

70.42.32.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=oath&uid=UPb81cbc5c-5e9d-11ec-b14d-060408bf6fde
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 70.42.32.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 18:26:47 GMT
Cache-Control: no-cache
X-TraceId: 64409d882fe70d5f867ce41c9852a5b0
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=oath&uid=UPb81cbc5c-5e9d-11ec-b14d-060408bf6fde
date: Thu, 16 Dec 2021 18:26:47 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

usersync
rtb.gumgum.com/ Frame FD96
Redirect Chain

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://rtb.gumgum.com/usersync?b=opx&i=f3825b11-6655-4916-93fa-ea5518b5fbdf

35 B
237 B

83ms
83ms

Image
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=opx&i=f3825b11-6655-4916-93fa-ea5518b5fbdf
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:46 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

date: Thu, 16 Dec 2021 18:26:46 GMT
content-encoding: gzip
server: OXGW/17.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://rtb.gumgum.com/usersync?b=opx&i=f3825b11-6655-4916-93fa-ea5518b5fbdf
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
via: 1.1 google

GET
H2

200

usersync
rtb.gumgum.com/ Frame FD96
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
https://rtb.gumgum.com/usersync?b=sta&i=0-2c176b07-fb37-472a-407e-dca8367fdef9$ip$136.243.198.81

35 B
237 B

83ms
83ms

Image
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=sta&i=0-2c176b07-fb37-472a-407e-dca8367fdef9$ip$136.243.198.81
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:46 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Location: https://rtb.gumgum.com/usersync?b=sta&i=0-2c176b07-fb37-472a-407e-dca8367fdef9$ip$136.243.198.81
Date: Thu, 16 Dec 2021 18:26:46 GMT
Connection: keep-alive
Content-Length: 123
Content-Type: text/html; charset=utf-8

GET
H2

200

usersync
rtb.gumgum.com/ Frame FD96
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
https://rtb.gumgum.com/usersync?b=oth&i=y-KYRpw9JE2pdambBcotkC1.tYVP..9Zt2afx4~A

35 B
237 B

87ms
82ms

Image
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=oth&i=y-KYRpw9JE2pdambBcotkC1.tYVP..9Zt2afx4~A
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:46 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

date: Thu, 16 Dec 2021 18:26:46 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://rtb.gumgum.com/usersync?b=oth&i=y-KYRpw9JE2pdambBcotkC1.tYVP..9Zt2afx4~A
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H2

200

usersync
rtb.gumgum.com/ Frame FD96
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%...
https://rtb.gumgum.com/usersync?b=vnt&i=b9f0e088-5e9d-11ec-9c17-0b6051703b96

35 B
237 B

83ms
83ms

Image
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=vnt&i=b9f0e088-5e9d-11ec-9c17-0b6051703b96
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:46 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Location: https://rtb.gumgum.com/usersync?b=vnt&i=b9f0e088-5e9d-11ec-9c17-0b6051703b96
Date: Thu, 16 Dec 2021 18:26:45 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0
X-CI-RTID: b9f0e089-5e9d-11ec-9c17-0b6051703b96

GET
H2 204 services
sync.technoratimedia.com/ Frame FD96 0
292 B 328ms
110ms Image
text/plain 193.122.130.38
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 193.122.130.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:46 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 69685970
access-control-allow-origin: https://g2.gumgum.com/
access-control-allow-credentials: true

GET
H2 200 142
match.deepintent.com/usersync/ Frame FD96 0
44 B 315ms
103ms Image
text/plain 169.197.150.8
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/142
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: a /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:45 GMT
content-length: 0
server: a

GET
H2

200

usersync
rtb.gumgum.com/ Frame FD96
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_823bb8d7-297f-4f67-b6c1-59a6861e3c1c&gdpr=0&gdpr_consent=&us_privacy=1---
https://stags.bluekai.com/site/23178?id=0hyxAjurBTuRUAauRUoL&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2...
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2MDIPF4EC2TVOJBFI5KSKVAWC5KSKVXUYJTVONPXA...
https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=0hyxAjurBTuRUAauRUoL&us_privacy=1---

35 B
237 B

87ms
86ms

Image
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=0hyxAjurBTuRUAauRUoL&us_privacy=1---
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:46 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 18:26:46 GMT
P3p: CP="We do not support P3P header."
Location: https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=0hyxAjurBTuRUAauRUoL&us_privacy=1---
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 118
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2

200

usersync
rtb.gumgum.com/ Frame FD96
Redirect Chain

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://rtb.gumgum.com/usersync?b=idi&i=2a62fc15-5da3-4f47-9195-334c2f3eb417

35 B
237 B

84ms
83ms

Image
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=idi&i=2a62fc15-5da3-4f47-9195-334c2f3eb417
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:46 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: https://rtb.gumgum.com/usersync?b=idi&i=2a62fc15-5da3-4f47-9195-334c2f3eb417
date: Thu, 16 Dec 2021 18:26:46 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

usersync
rtb.gumgum.com/ Frame FD96
Redirect Chain

https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent=
https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-2b95287c-c7c2-4d50-bd82-7ce23c3e787b-003&rndcb=3437320458
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=1f84e4a2-4b65-4f6b-969d-c68d9d026a21&google_hm=MWY4NGU0YTItNGI2NS00ZjZiLTk2OWQtYzY4ZDlkMDI2...
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEDStz3Ve8t6LCltQwXYJ0Gg&google_cver=1&ssp=adconductor&bsw_param=1f84e4a2-4b65-4f6b-969d-c68d9d026a21
https://sync.1rx.io/usersync/bidswitch/1f84e4a2-4b65-4f6b-969d-c68d9d026a21?gdpr=&gdpr_consent=
https://sync.targeting.unrulymedia.com/csync/RX-2b95287c-c7c2-4d50-bd82-7ce23c3e787b-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-2b95287c-c7c2-4d50-bd82-7ce23c3e787b-003
https://rtb.gumgum.com/usersync?b=rhy&i=RX-2b95287c-c7c2-4d50-bd82-7ce23c3e787b-003

35 B
237 B

40ms
36ms

Image
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=rhy&i=RX-2b95287c-c7c2-4d50-bd82-7ce23c3e787b-003
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:46 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: https://rtb.gumgum.com/usersync?b=rhy&i=RX-2b95287c-c7c2-4d50-bd82-7ce23c3e787b-003
date: Thu, 16 Dec 2021 18:26:46 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX2b95287cc7c24d50bd827ce23c3e787b003
content-type: text/html

GET
H2

200

usersync
rtb.gumgum.com/ Frame FD96
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://rtb.gumgum.com/usersync?b=pln&i=2LSdrUAgy4CE&ev=1&pid=558355

35 B
237 B

83ms
83ms

Image
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=pln&i=2LSdrUAgy4CE&ev=1&pid=558355
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:46 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: de-DE
location: https://rtb.gumgum.com/usersync?b=pln&i=2LSdrUAgy4CE&ev=1&pid=558355
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-685df6f7b9-bkrlv
expires: -1

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame FD96 0
75 B 16ms
15ms Image
text/plain 185.86.137.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=15
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:45 GMT
content-length: 0

GET
H2 200 sync
ads.servenobid.com/ Frame FD96 0
358 B 49ms
30ms Image
image/avif 52.211.199.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=309&uid=e_823bb8d7-297f-4f67-b6c1-59a6861e3c1c
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.199.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-199-54.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:46 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 1E8E
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
https://rtb.gumgum.com/usersync?b=mmh&i=3e1961bb-84e0-4600-baae-3f1a6ae2d154&gdpr=0&gdpr_consent=

35 B
237 B

84ms
83ms

Document
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=mmh&i=3e1961bb-84e0-4600-baae-3f1a6ae2d154&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/

Response headers

date: Thu, 16 Dec 2021 18:26:46 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Date: Thu, 16 Dec 2021 18:26:46 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Access-Control-Allow-Origin: *
Server: MT3 4133 baa842e master zrh-pixel-x15 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://rtb.gumgum.com/usersync?b=mmh&i=3e1961bb-84e0-4600-baae-3f1a6ae2d154&gdpr=0&gdpr_consent=
Expires: Thu, 16 Dec 2021 18:26:45 GMT

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 38D0
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
https://rtb.gumgum.com/usersync?b=atm&i=YbuE5QAMZMCMjQAz&gdpr=0&gdpr_consent=

35 B
237 B

85ms
84ms

Document
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=atm&i=YbuE5QAMZMCMjQAz&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/

Response headers

date: Thu, 16 Dec 2021 18:26:46 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

server: Varnish
retry-after: 0
location: https://rtb.gumgum.com/usersync?b=atm&i=YbuE5QAMZMCMjQAz&gdpr=0&gdpr_consent=
accept-ranges: bytes
date: Thu, 16 Dec 2021 18:26:46 GMT
via: 1.1 varnish
x-served-by: cache-fra19150-FRA
x-cache: HIT
x-cache-hits: 0
x-timer: S1639679206.026722,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 0

GET
H3 200 pixel Show response
cm.g.doubleclick.net/ Frame 1D42 170 B
188 B 22ms
17ms Document
image/png 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV84MjNiYjhkNy0yOTdmLTRmNjctYjZjMS01OWE2ODYxZTNjMWM=&gdpr=0&gdpr_consent=

Requested by

Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/

Response headers

content-type: image/png
date: Thu, 16 Dec 2021 18:26:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame BB74 14 KB
5 KB 16ms
9ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=32245
expires: Fri, 17 Dec 2021 03:24:11 GMT
date: Thu, 16 Dec 2021 18:26:46 GMT
vary: Accept-Encoding

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 07B5 0
0 311ms
99ms Document
text/plain 67.202.105.23
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.23 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip23.67-202-105.static.steadfastdns.net
Software: 33XP003 /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/

Response headers

x-33x-status: 2000208
server: 33XP003
date: Thu, 16 Dec 2021 18:26:45 GMT

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 15D6
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
https://rtb.gumgum.com/usersync?b=ttd&i=81af1dac-941a-4a28-8cd7-842422c9914d&t=1642271206

35 B
237 B

85ms
82ms

Document
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=ttd&i=81af1dac-941a-4a28-8cd7-842422c9914d&t=1642271206
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/

Response headers

date: Thu, 16 Dec 2021 18:26:46 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

date: Thu, 16 Dec 2021 18:26:46 GMT
content-type: text/html
content-length: 209
location: https://rtb.gumgum.com/usersync?b=ttd&i=81af1dac-941a-4a28-8cd7-842422c9914d&t=1642271206
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame A3D6
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
https://eus.rubiconproject.com/usync.html?p=gumgum

281 B
554 B

11ms
11ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "40014-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 16 Dec 2021 18:26:46 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=gumgum
Date: Thu, 16 Dec 2021 18:26:46 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2 204 um
cs.emxdgt.com/ Frame EFF5 0
0 64ms
11ms Document
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/

Response headers

content-type: text/html
date: Thu, 16 Dec 2021 18:26:45 GMT
content-length: 0

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame E07D
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=gumgum
https://rtb.gumgum.com/usersync?b=sus&i=YbuE5sCo8X0AAPIEBfMAAAAA

35 B
237 B

85ms
83ms

Document
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=sus&i=YbuE5sCo8X0AAPIEBfMAAAAA
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/

Response headers

date: Thu, 16 Dec 2021 18:26:46 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Server: nginx
Date: Thu, 16 Dec 2021 18:26:46 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: private
Location: https://rtb.gumgum.com/usersync?b=sus&i=YbuE5sCo8X0AAPIEBfMAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time: 4
X-SO-HostName: a-ad40221.dc2p.scaleout.jp
X-SO-LB-Hostname: m-tgng25.dc4p.scaleout.jp
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":7,"gdpr":true,"ipv4":"0.0.0.0","key":"YbuE5sCo8X0AAPIEBfMAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40221"}
X-SO-Key: YbuE5sCo8X0AAPIEBfMAAAAA
X-SO-IP: 136.243.198.81
X-SO-Cluster-ID: 7
X-SO-Upstream-ID: a-ad40221

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame D635
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://creativecdn.com/cm-notify?pi=gumgum&tc=1
https://rtb.gumgum.com/usersync?b=rth&i=iZiRJqH0Dct0lOmeMB1y&pi=gumgum&tc=1

35 B
237 B

38ms
37ms

Document
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=rth&i=iZiRJqH0Dct0lOmeMB1y&pi=gumgum&tc=1
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/

Response headers

date: Thu, 16 Dec 2021 18:26:46 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

date: Thu, 16 Dec 2021 18:26:46 GMT Thu, 16 Dec 2021 18:26:46 GMT
location: https://rtb.gumgum.com/usersync?b=rth&i=iZiRJqH0Dct0lOmeMB1y&pi=gumgum&tc=1
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0

GET
H2 204 um
cs.emxdgt.com/ Frame C005 0
0 30ms
11ms Document
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.emxdgt.com/um?ssp=pbs&redirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D44%26userId%3D%24UID
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

content-type: text/html
date: Thu, 16 Dec 2021 18:26:45 GMT
content-length: 0

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame D5E2
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east

281 B
554 B

35ms
34ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "40014-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 16 Dec 2021 18:26:46 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Date: Thu, 16 Dec 2021 18:26:46 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK uc.html Show response
go.sonobi.com/ Frame 7392 43 B
573 B 74ms
14ms Document
text/html 178.162.133.148
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://go.sonobi.com/uc.html?pubid=e55fb5d7c2

Requested by

Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.148 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1.go.sonobi.com

Software

sonobi-go /

Resource Hash

bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

Date: Thu, 16 Dec 2021 18:26:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: go-ams-1-7-8
X-Xss-Protection: 0
Content-Encoding: gzip
Server: sonobi-go

GET
H2 200 cm Show response
gift-connect-d.openx.net/w/1.0/ Frame C612 0
83 B 28ms
18ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://gift-connect-d.openx.net/w/1.0/cm?id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/17.0.0
date: Thu, 16 Dec 2021 18:26:46 GMT
content-type: text/html
content-length: 20
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 278B 14 KB
5 KB 13ms
8ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&userIdMacro=PM_UID&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3DPM_UID
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=32245
expires: Fri, 17 Dec 2021 03:24:11 GMT
date: Thu, 16 Dec 2021 18:26:46 GMT
vary: Accept-Encoding

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame 0624
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=3343957620543684404

0
44 B

92ms
90ms

Image
text/plain

134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=3343957620543684404
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
Protocol: H2
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:46 GMT
content-length: 0

Redirect headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 18:26:46 GMT
X-Proxy-Origin: 136.243.198.81; 136.243.198.81; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 215cfa24-79e6-4c57-bf05-098d74993083
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=3343957620543684404
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame 0624
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YbuE48FpMdYRks.S89acmwAA%261161

0
44 B

93ms
92ms

Image
text/plain

134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YbuE48FpMdYRks.S89acmwAA%261161
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
Protocol: H2
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:46 GMT
content-length: 0

Redirect headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 18:26:46 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YbuE48FpMdYRks.S89acmwAA%261161
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 282
Expires: Thu, 16 Dec 2021 18:26:46 GMT

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame 0624
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=3dca89b7fdd10c39453eec1d

0
44 B

98ms
95ms

Image
text/plain

134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=3dca89b7fdd10c39453eec1d
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
Protocol: H2
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:46 GMT
content-length: 0

Redirect headers

Date: Thu, 16 Dec 2021 18:26:46 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=3dca89b7fdd10c39453eec1d
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap1sea1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H/1.1 200
OK usa
sync.go.sonobi.com/ Frame 0624 0
474 B 19ms
14ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usa?https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=38&userId=

Requested by

Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 18:26:46 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame 0624
Redirect Chain

https://pixel.advertising.com/ups/56621/occ
https://ups.analytics.yahoo.com/ups/56621/occ?apid=UPb81cbc5c-5e9d-11ec-b14d-060408bf6fde
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPb81cbc5c-5e9d-11ec-b14d-060408bf6fde

0
44 B

93ms
93ms

Image
text/plain

134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPb81cbc5c-5e9d-11ec-b14d-060408bf6fde
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
Protocol: H2
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:46 GMT
content-length: 0

Redirect headers

location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPb81cbc5c-5e9d-11ec-b14d-060408bf6fde
date: Thu, 16 Dec 2021 18:26:46 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/ Frame 0624
Redirect Chain

https://e.serverbid.com/udb/9969/match?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dco%26nuid%3D
https://sync.go.sonobi.com/us.gif?nw=co&nuid=ue1-sb1-88d5e815-c6d1-46e7-b270-140f00e203f4

49 B
509 B

24ms
23ms

Image
image/gif

178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=co&nuid=ue1-sb1-88d5e815-c6d1-46e7-b270-140f00e203f4

Requested by

Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html

Protocol

HTTP/1.1

Server

178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 18:26:46 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://sync.go.sonobi.com/us.gif?nw=co&nuid=ue1-sb1-88d5e815-c6d1-46e7-b270-140f00e203f4
cache-control: no-cache
content-length: 0

GET
H/1.1

200
OK

56939
i6.liadm.com/s/ Frame 0624
Redirect Chain

https://e.serverbid.com/udb/9969/match?redir=https%3A%2F%2Fi.liadm.com%2Fs%2F56939%3Fbidder_id%3D203802%26bidder_uuid%3D
https://i.liadm.com/s/56939?bidder_id=203802&bidder_uuid=ue1-sb1-88d5e815-c6d1-46e7-b270-140f00e203f4
https://i.liadm.com/s/56939?bidder_id=203802&bidder_uuid=ue1-sb1-88d5e815-c6d1-46e7-b270-140f00e203f4&_li_chk=true&previous_uuid=ba9f81572fa545fbb5522fbdc155b74c
https://i6.liadm.com/s/56939?bidder_id=203802&bidder_uuid=ue1-sb1-88d5e815-c6d1-46e7-b270-140f00e203f4

43 B
447 B

287ms
96ms

Image
image/gif

2600:1f18:444a:4680:b988:ecc0:9832:67ce
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/56939?bidder_id=203802&bidder_uuid=ue1-sb1-88d5e815-c6d1-46e7-b270-140f00e203f4

Requested by

Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html

Protocol

HTTP/1.1

Server

2600:1f18:444a:4680:b988:ecc0:9832:67ce Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 18:26:46 GMT
Cache-Control: no-store
Connection: keep-alive
trace-id: 04c65e2a32a3175c
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/56939?bidder_id=203802&bidder_uuid=ue1-sb1-88d5e815-c6d1-46e7-b270-140f00e203f4
Date: Thu, 16 Dec 2021 18:26:45 GMT
Connection: keep-alive
trace-id: 30beb3a018bd43b8
Content-Length: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 38FB 0
20 B 46ms
42ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.3.493.0&bgai=B7LlT4YS7YbGUOMWlzAbJi42wCQAAAAA4AeAEAg&bg=!cHOlczfNAAZKWFskSlg7ACkAdvg8WkZ_WS30A-fkYc-jfPMGFc7hK6C76pGhSqC9HGyRpH9tn5GmLAIAAAGoUgAAAEVoAQcKAGBCbxBZuG59qKVDkt5ldm2MaySBWtlNYQkUVGsgtKwvIaZKMc4CBrbcN5ulY_gGr5zBbcMgDScfqrvLdsaADYA0TVh043h4nPFgw6V4AiDAsxi0XzS0I3woaZYdO6kmWiaZAt5AITc98TjadfrD8-kJ_cHWH4vV9aE1BPxhHiJXW5Tj9qMQhJwHOAz1BoS5Qx7jrcG7jqTQlwfEIeKaE5c4iqxA_2aWV7cztLgCJbtzUDyRlvJ1xMTcAggd-KF_zaL311t_1PAhh5qsDnaOouQHbmLQmqCD22yLNN90JfejLf17GdCbsvoTaosTtGC6ZBRk8YjDHbUgAD8tpffPYRrjmrDjUrOSAINpflgxagOJOXG8ML23uiUUagoZfsxxQbeECCOJHTuFyBsftq-dIc3p2LPT7ERZMVBDBxv83sTGXThUAy3gU5fP3fT27NpQc1lcDlh39p_VUnHnFmTJqcYoKZLLhktyZuiAhXXBVmyHbVp-xH6A6NDzCRLbXLlll4btBrxicKMKCkafusYmrI105i6p4lnIzTjM56RW9HRdGpZSBE2s_axGboUVmCLjrwYOhmwRYz8S4U1dhrZ4HL70E0XlHDK4XATm4pFHMA5ICZvFl-EZwEqVkO0E30d5CNgrP0GvyFRY1SHkmpaje897SA_bLjTww8OC31Jb_LGFsKtzwBiNYpPL93o3XE3qwQCUZMARc7kJ-UpxVdH3D5OelxdbnoeS5cGkCm6vCEMf7yPtuPEAYIzwHRWtAN9uZVF4mYflCIYh0TjHclo41ZeimTyBSKrMPBclix6tN5HQTknFQop__NqQldUdtAtbmFc0ggVF-k3F7I1ewT5WRrmb7pyWwRa1s_qDw0milk_pFaAfgkFjKvfak6oueYKfGETXAkgp1dugdYW_aqJul8uvH-7JtsJ7PO2Sn_ZlCWA4WcVKnm3p0BEkSy2o6W3QVmu8qer7PjWogzhw65tI6Mec-UagKdt-IEg8lQ0sSUf0KbhSccY3totLjWq5oh7hmTjWjusB1gDgp9rrsok8XqwxD7j30qaRUSOiCb1gjF_DAgYKqn8b4Nd0Kc6G9MwOeOvUvgnqt0d_9ytaBKCEOKPSdg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame A3D6 32 KB
10 KB 23ms
23ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e5468112933b663f6a84084845c0264056f805300bfe046db490491dacabb76b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 18:26:46 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Dec 2021 23:04:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=16736
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9696
Expires: Thu, 16 Dec 2021 23:05:42 GMT

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 5756
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KX9ANRYU-S-3VJ7&sigv=1&esig=2~9c03921dbefd79ea9e518b53c993aec491db4665

0
616 B

39ms
7ms

Image
text/plain

2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KX9ANRYU-S-3VJ7&sigv=1&esig=2~9c03921dbefd79ea9e518b53c993aec491db4665

Protocol

Server

2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:46 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KX9ANRYU-S-3VJ7&sigv=1&esig=2~9c03921dbefd79ea9e518b53c993aec491db4665
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 5756
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/P9JisBL4eDAFS5Ye0cseJQ?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=9106965456346636601

0
239 B

11ms
10ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=9106965456346636601
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/gif

Redirect headers

date: Thu, 16 Dec 2021 18:26:46 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=9106965456346636601
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 5756
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YbuE5QAMZMCMjQAz

0
239 B

44ms
9ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YbuE5QAMZMCMjQAz
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:46 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1639679206.162214,VS0,VE0
x-served-by: cache-fra19150-FRA
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YbuE5QAMZMCMjQAz
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 5756
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=3e1961bb-84e0-4600-baae-3f1a6ae2d154&expires=28

0
239 B

47ms
9ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=3e1961bb-84e0-4600-baae-3f1a6ae2d154&expires=28
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/gif

Redirect headers

Date: Thu, 16 Dec 2021 18:26:46 GMT
Server: MT3 4133 baa842e master zrh-pixel-x12 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=3e1961bb-84e0-4600-baae-3f1a6ae2d154&expires=28
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 16 Dec 2021 18:26:45 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 5756
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMZjEY453xCKQnlgOZBUpgQ&google_cver=1

0
239 B

46ms
9ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMZjEY453xCKQnlgOZBUpgQ&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:46 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMZjEY453xCKQnlgOZBUpgQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 5756 70 B
264 B 35ms
32ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:46 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5756
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTAxMWEyZWU3Y2RlOGIxMGI5ZTM0ZjVlZGY1ZThhYjc5OGVmMzViMA

170 B
188 B

28ms
27ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTAxMWEyZWU3Y2RlOGIxMGI5ZTM0ZjVlZGY1ZThhYjc5OGVmMzViMA

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTAxMWEyZWU3Y2RlOGIxMGI5ZTM0ZjVlZGY1ZThhYjc5OGVmMzViMA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5756
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1g5QU5SWVUtUy0zVko3

170 B
188 B

30ms
29ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1g5QU5SWVUtUy0zVko3

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1g5QU5SWVUtUy0zVko3
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame D5E2 32 KB
10 KB 24ms
24ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e5468112933b663f6a84084845c0264056f805300bfe046db490491dacabb76b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 18:26:46 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Dec 2021 23:04:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=16736
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9696
Expires: Thu, 16 Dec 2021 23:05:42 GMT

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame A3D6 0
239 B 10ms
9ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=KX9ANRYU-S-3VJ7
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/gif

GET
H/1.1 204
No Content sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame D5E2 0
239 B 423ms
92ms Image
image/gif 8.43.72.97
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=17632&khaos=KX9ANRYU-S-3VJ7
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 03d4828e33e22cf7b4098c5a68746480
Content-Type: image/gif

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame BA1C 0
128 B 13ms
12ms Script
text/plain 198.47.127.20
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156858&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:45 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

POST
H/1.1 200
OK st Show response
capi.connatix.com/tr/ Frame 5BA8 0
315 B 102ms
102ms XHR
application/x-protobuf 18.224.222.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/st?v=142882
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.224.222.89 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-224-222-89.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Thu, 16 Dec 2021 18:26:45 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://threatpost.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 0425 0
733 B 70ms
70ms Script
text/html 185.33.220.216
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.216 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

872.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 18:26:46 GMT
X-Proxy-Origin: 136.243.198.81; 136.243.198.81; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 6a2512cf-cf8e-4314-89f6-6498af4ed2fa
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI8YiBg_no9AIVxRLTCh3JRQOWEAAYACD00N5NOhoIyNnWhQMQ65zl5_kDGJ-96d4DIMjotqD2DkITCKPL3IL56PQCFXIRiwodNYgBWQ;dc_rmcid=CAASEuRo8txmebOZirl_2w6KIT1u6g;eps=CIDhgBAQARgd;met=1;acvw=sv%3D914%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D974,1199,1199,1599%26tos%3D2009,0,0,0,0%26mtos%3D2009,2009,2009,2009,2009%26amtos%3D0,0,0,0,0%26mcvt%3D2009%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2009%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D303%26pst%3D514%26dur%3D15018%26vmtime%3D1948%26dtos%3D2009%26dtoss%3D1%26dvs%3D1978%26dfvs%3D1978%26dvpt%3D1978%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D3229%26femvt%3D0%26emc%3D15%26emuc%3D0%26emb%3D15,0,0,0,0%26avms%3Dexc%26qi%3D927453117%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26ptlt%3D6940%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2009;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1639679203063;ecn1=1;etm1=0;eid1=200000;

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 528B 42 B
64 B 53ms
53ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssn4-jdBA8engWUgs5jqg0uP1BRfFglwQIGdhIN6ibd6qqqMwPjl0gdhvXop9Ha0ZmyuoL2JSVqDGUE0d3CwQOKI_NQLvCw_0ofsKrPOuTXeQ9etCLZSg&sai=AMfl-YS2jzymtWncvkD2wXFpMHoq2YdjCXz9W3sgWFp3LS3-n73mRhSTpiFSzvAmLLhKCj81WzlTeZAuFmf9wHVruwuH2-jkdcONHbI18MtAS8hdSE0URswfItL7hrOm&sig=Cg0ArKJSzHpdeARd3JgcEAE&cid=CAASEuRo8txmebOZirl_2w6KIT1u6g&id=lidarv&acvw=sv%3D914%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D974,1199,1199,1599%26tos%3D2009,0,0,0,0%26mtos%3D2009,2009,2009,2009,2009%26amtos%3D0,0,0,0,0%26mcvt%3D2009%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2009%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D303%26pst%3D514%26dur%3D15018%26vmtime%3D1948%26dtos%3D2009%26dtoss%3D1%26dvs%3D1978%26dfvs%3D1978%26dvpt%3D1978%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D3229%26femvt%3D0%26emc%3D15%26emuc%3D0%26emb%3D15,0,0,0,0%26avms%3Dexc%26qi%3D927453117%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26ptlt%3D6940%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2009&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1639679203063

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK av Show response
capi.connatix.com/tr/ Frame 5BA8 0
315 B 103ms
102ms XHR
application/x-protobuf 18.224.222.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/av?v=142882
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.224.222.89 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-224-222-89.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Thu, 16 Dec 2021 18:26:46 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://threatpost.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI8YiBg_no9AIVxRLTCh3JRQOWEAAYACD00N5NOhoIyNnWhQMQ65zl5_kDGJ-96d4DIMjotqD2DkITCKPL3IL56PQCFXIRiwodNYgBWQ;dc_rmcid=CAASEuRo8txmebOZirl_2w6KIT1u6g;eps=CIDhgBAQARgd;met=1;acvw=sv%3D914%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D974,1199,1199,1599%26tos%3D3987,0,0,0,0%26mtos%3D3987,3987,3987,3987,3987%26amtos%3D0,0,0,0,0%26mcvt%3D3987%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3987%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D710%26pst%3D514%26dur%3D15018%26vmtime%3D3947%26dtos%3D1978%26dtoss%3D2%26dvs%3D1978%26dfvs%3D1978%26dvpt%3D1978%26is%3D275%26i0%3D275%26i1%3D275%26ic%3D0%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D3987,3987,3987,3987,3987%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D3229%26femvt%3D0%26emc%3D24%26emuc%3D0%26emb%3D24,0,0,0,0%26avms%3Dexc%26qi%3D927453117%26psm%3D-2147483633%26psv%3D-2147483633%26psfv%3D-2147483633%26psa%3D0%26ptlt%3D8918%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3987;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1639679203063;ecn1=1;etm1=0;eid1=960584;

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 528B 42 B
64 B 22ms
21ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C7CIz4YS7YePWE_KirAS1kIbIBbOp1thmyOi2oPYOh7a-z4gKEAEg0pbmOGCVgoCAwAegAdXQ8aMoyAEFqQK5_um4XgOzPqgDAcgDE5gEAKoE9wFP0NmHkdOdCZT7B7UUDA_KrjQwzcxA7NpdbI8E9dmyoL1H1VRTvFg1OSwfkSNSe7pH4mxLHEewKDPhmb1RMsXErJ3wo0d3VUByHaLSR5WRd2ZCWYuGBA470ErQuyObWM4_inWO0khJZJTQ9lgd49Sn3NVTzz-JJrPfpx2fGbpFKlLd3DGf3kFxfzUmtD_5nYmFyd7aZkeDBLKg-quJkuUZZA9FyvAD-J4CJMWbSGB602rQzM3x7pgw3EhmH-kX8RL06a_DfdNfR2Jy1g7MNAK4qdSZI4sijt7QTCBXi8q7TQL1hwdo_UPmarVPd3hAXFlMp_OpHDclwATrnOXn-QPgBAOQBgGgBk6AB9WIwoMDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi0xMzU2NjMyODYyMzU0NDg2gAoDmAsByAsBgAwBsBPPtbENyBOfveneA9ATANgTCogUAtgUAdAVAfgWAYAXAQ&sigh=laONXBQL-Cw&label=videoplaytime25&ad_mt=3947&acvw=sv%3D914%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D974,1199,1199,1599%26tos%3D3987,0,0,0,0%26mtos%3D3987,3987,3987,3987,3987%26amtos%3D0,0,0,0,0%26mcvt%3D3987%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3987%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D710%26pst%3D514%26dur%3D15018%26vmtime%3D3947%26dtos%3D1978%26dtoss%3D2%26dvs%3D1978%26dfvs%3D1978%26dvpt%3D1978%26is%3D275%26i0%3D275%26i1%3D275%26ic%3D0%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D3987,3987,3987,3987,3987%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D3229%26femvt%3D0%26emc%3D24%26emuc%3D0%26emb%3D24,0,0,0,0%26avms%3Dexc%26qi%3D927453117%26psm%3D-2147483633%26psv%3D-2147483633%26psfv%3D-2147483633%26psa%3D0%26ptlt%3D8918%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3987&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1639679203063&sdkv=h.3.493.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1Njc4ODQ1NTIyODlAiAQKcQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MTU1ODk2MjgyCTE2MzAzMTE1NkDaAlI2CM8HEA8lAABwQSgBOgsxNjMwMzExNTYtMUIER0RDTUi9CVAAWhB4NlJRLTJNMFVsRGNHZV9qGAE.

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK aq Show response
capi.connatix.com/tr/ Frame 5BA8 0
315 B 101ms
101ms XHR
application/x-protobuf 18.224.222.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/aq?v=142882
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.224.222.89 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-224-222-89.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Thu, 16 Dec 2021 18:26:48 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://threatpost.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK g Show response
capi.connatix.com/rtb/ Frame 5BA8 62 KB
11 KB 145ms
145ms XHR
application/x-protobuf 18.224.222.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/rtb/g?v=142882
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.224.222.89 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-224-222-89.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: b2f1f081cbe8e2d70b175f0cbbd8313632a83211d6dfad0997994fe8ed87667a

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Thu, 16 Dec 2021 18:26:49 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://threatpost.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 11246

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 5BA8 107 B
122 B 24ms
23ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Dec 2021 18:26:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 0BBB 156 B
142 B 258ms
258ms XHR
text/xml 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F107430338%2FCNXORTEST%2F6148&description_url=https%3A%2F%2Fthreatpost.com%2Fcategory%2Fvideos%2F&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2223875711706198&cust_params=domains%3Dthreatpost.com&ad_type=video&sdkv=h.3.493.0&osd=2&frm=1&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&us_privacy=1---&sdki=44d&adk=3321539204&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.493.0&sid=7410EEEF-69DA-4BAE-93A1-87D58545E9BA&nel=1&eid=44750604&top=https%3A%2F%2Fthreatpost.com%2Fcategory%2Fvideos%2F&url=https%3A%2F%2Fthreatpost.com%2Fcategory%2Fvideos%2F&loc=about%3Ablank&dlt=1639679197626&idt=2175&dt=1639679209373&cookie=ID%3Da867e6000c985f2e%3AT%3D1639679201%3AS%3DALNI_Mbce0iH_XkgbbwiSTWa_tzTEQEauw&scor=3661701282418844&ged=ve4_td11_tt9_pd11_la11000_er1007.1246.1166.1552_vi0.0.1200.1600_vp100_ts9_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.493.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:50 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
490 B 50ms
49ms XHR
text/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fthreatpost.com%2Fcategory%2Fvideos%2F&pid=v4qIcmPpZgTFn&cb=2&ws=1600x1200&v=7.71.1&t=2000&slots=%5B%7B%22id%22%3A%22Amazon_400x225%22%2C%22mt%22%3A%22v%22%7D%5D&cfgv=1&pubid=cb8cfc89-e83e-44aa-a3a2-ff78eda781ef&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.95.188 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-95-188.fra50.r.cloudfront.net

Software

Server /

Resource Hash

5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:50 GMT
via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
x-amz-rid: 5ENJEQEG9EJ0GNPQ2X7K
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://threatpost.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: IPa98_cjvxgUhDrGXhmDmkD7kAG8x6jqadheUGdxInaMtBvDsobXyg==

GET
H3 200 xml;dc_sdk_apis=[APIFRAMEWORKS];dc_omid_p=[OMIDPARTNER];gdpr=;gdpr_consent=;ltd= Show response
ad.doubleclick.net/ddm/pfadx/N195005.279382INVITEMEDIAINC.D39/B26982132.323104980;sz=0x0;ord=458789;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dcmt=text/ Frame 5BA8 4 KB
1 KB 34ms
33ms XHR
text/xml 172.217.18.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/pfadx/N195005.279382INVITEMEDIAINC.D39/B26982132.323104980;sz=0x0;ord=458789;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dcmt=text/xml;dc_sdk_apis=[APIFRAMEWORKS];dc_omid_p=[OMIDPARTNER];gdpr=;gdpr_consent=;ltd=

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f102.1e100.net

Software

cafe /

Resource Hash

3844d3d38dcc9505527a25e18dc120c00495caacb528c0c0c66e9ea897f886f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1430
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://threatpost.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 xml;dc_sdk_apis=[APIFRAMEWORKS];dc_omid_p=[OMIDPARTNER];gdpr=;gdpr_consent=;ltd= Show response
ad.doubleclick.net/ddm/pfadx/N195005.279382INVITEMEDIAINC.D39/B26982132.323104980;sz=0x0;ord=412051;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dcmt=text/ Frame 5BA8 4 KB
1 KB 37ms
37ms XHR
text/xml 172.217.18.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/pfadx/N195005.279382INVITEMEDIAINC.D39/B26982132.323104980;sz=0x0;ord=412051;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dcmt=text/xml;dc_sdk_apis=[APIFRAMEWORKS];dc_omid_p=[OMIDPARTNER];gdpr=;gdpr_consent=;ltd=

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f102.1e100.net

Software

cafe /

Resource Hash

fd46d0b2217d4f4c0c1ad78f040fe4291c9271e0675d250494e533e7f9311b00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1428
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://threatpost.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 xml;dc_sdk_apis=[APIFRAMEWORKS];dc_omid_p=[OMIDPARTNER];gdpr=;gdpr_consent=;ltd= Show response
ad.doubleclick.net/ddm/pfadx/N195005.279382INVITEMEDIAINC.D39/B26982132.323104986;sz=0x0;ord=619211;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dcmt=text/ Frame 5BA8 4 KB
1 KB 45ms
43ms XHR
text/xml 172.217.18.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/pfadx/N195005.279382INVITEMEDIAINC.D39/B26982132.323104986;sz=0x0;ord=619211;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dcmt=text/xml;dc_sdk_apis=[APIFRAMEWORKS];dc_omid_p=[OMIDPARTNER];gdpr=;gdpr_consent=;ltd=

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f102.1e100.net

Software

cafe /

Resource Hash

59df292055721df8da6ccbbc5ed2f6d98045b61ef4e33ba55c64aaa73b51fc63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1433
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://threatpost.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK e Show response
capi.connatix.com/tr/ Frame 5BA8 0
315 B 104ms
101ms XHR
application/x-protobuf 18.224.222.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/e
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.224.222.89 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-224-222-89.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Thu, 16 Dec 2021 18:26:49 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://threatpost.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 /
insight.adsrvr.org/enduser/video/ Frame 5BA8 0
100 B 36ms
33ms Image
text/plain 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/enduser/video/?ve=error&vec=%5Berrorcode%5D&ast=%5Basseturi%5D&imp=931c489f-dda1-4d9c-ae53-54a5058d2af1&ag=ne6xjxo&crid=ghq46ojf&cf=2825436&fq=0&t=1&td_s=threatpost.com&rcats=&mcat=&mste=threatpost.com&mfld=2&mssi=&mfsi=&sv=connatix&uhow=115&agsa=&wp=0.5095682&rgz=22049&dt=PC&osf=Windows&os=Windows10&br=Chrome&svpid=329085709478694&rlangs=01&mlang=&did=&rcxt=Other&tmpc=&vrtd=14,15&osi=&osv=&daid=&dnr=0&vpb=InArticle&c=CgdHZXJtYW55EiJGcmVlIGFuZCBIYW5zZWF0aWMgQ2l0eSBvZiBIYW1idXJnGgAiB0hhbWJ1cmcwAjgBSABQAYABAIgBApABAA..&dur=CjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnM.&durs=UvAXvs&crrelr=&npt=&mk=Google&mdl=Chrome%20-%20Windows&ipl=c2ecd04f-0dca-4ffa-8761-d93b34717380&fpa=840&pcm=3&ict=Unknown&said=5f83d629-86bc-4087-ab50-22bd94c3ec65&auct=1&grdc=CAE.&sfe=13f304ea&vp=0&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:50 GMT
cache-control: private
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET

GET
H3 200 dc_oe=ChMIuZn3hvno9AIVFEblCh2BUQJtEAAYACDUv-NN;met=1;ecn1=1;etm1=0;eid1=200015;
ade.googlesyndication.com/ddm/activity/ Frame 5BA8 42 B
63 B 44ms
42ms Image
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIuZn3hvno9AIVFEblCh2BUQJtEAAYACDUv-NN;met=1;ecn1=1;etm1=0;eid1=200015;?

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK e Show response
capi.connatix.com/tr/ Frame 5BA8 0
315 B 195ms
101ms XHR
application/x-protobuf 18.224.222.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/e
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.224.222.89 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-224-222-89.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Thu, 16 Dec 2021 18:26:49 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://threatpost.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 /
insight.adsrvr.org/enduser/video/ Frame 5BA8 0
100 B 37ms
36ms Image
text/plain 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/enduser/video/?ve=error&vec=%5Berrorcode%5D&ast=%5Basseturi%5D&imp=d0f16d4c-2c5d-46cc-b788-f78265ed3f2a&ag=ne6xjxo&crid=ghq46ojf&cf=2825436&fq=0&t=1&td_s=threatpost.com&rcats=&mcat=&mste=threatpost.com&mfld=2&mssi=&mfsi=&sv=connatix&uhow=115&agsa=&wp=0.4950091&rgz=22049&dt=PC&osf=Windows&os=Windows10&br=Chrome&svpid=329085709478694&rlangs=01&mlang=&did=&rcxt=Other&tmpc=&vrtd=14,15&osi=&osv=&daid=&dnr=0&vpb=InArticle&c=CgdHZXJtYW55EiJGcmVlIGFuZCBIYW5zZWF0aWMgQ2l0eSBvZiBIYW1idXJnGgAiB0hhbWJ1cmcwAjgBSABQAYABAIgBApABAA..&dur=CjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnM.&durs=UvAXvs&crrelr=&npt=&mk=Google&mdl=Chrome%20-%20Windows&ipl=c2ecd04f-0dca-4ffa-8761-d93b34717380&fpa=816&pcm=3&ict=Unknown&said=897a8877-57f7-4c3f-80d1-9bfe8f587231&auct=1&grdc=CAE.&sfe=13f304ea&vp=0&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:50 GMT
cache-control: private
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET

GET
H3 200 dc_oe=ChMItrv3hvno9AIV8-O7CB0EzwLVEAAYACDUv-NN;met=1;ecn1=1;etm1=0;eid1=200015;
ade.googlesyndication.com/ddm/activity/ Frame 5BA8 42 B
63 B 51ms
50ms Image
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMItrv3hvno9AIV8-O7CB0EzwLVEAAYACDUv-NN;met=1;ecn1=1;etm1=0;eid1=200015;?

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
insight.adsrvr.org/enduser/video/ Frame 5BA8 0
100 B 33ms
32ms Image
text/plain 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/enduser/video/?ve=error&vec=%5Berrorcode%5D&ast=%5Basseturi%5D&imp=403dd054-52d9-4542-a00a-e4855733309d&ag=ne6xjxo&crid=kiaorikp&cf=2825436&fq=0&t=1&td_s=threatpost.com&rcats=&mcat=&mste=threatpost.com&mfld=2&mssi=&mfsi=&sv=connatix&uhow=115&agsa=&wp=0.46710417&rgz=22049&dt=PC&osf=Windows&os=Windows10&br=Chrome&svpid=329085709478694&rlangs=01&mlang=&did=&rcxt=Other&tmpc=&vrtd=14,15&osi=&osv=&daid=&dnr=0&vpb=InArticle&c=CgdHZXJtYW55EiJGcmVlIGFuZCBIYW5zZWF0aWMgQ2l0eSBvZiBIYW1idXJnGgAiB0hhbWJ1cmcwAjgBSABQAYABAIgBApABAA..&dur=CjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnM.&durs=UvAXvs&crrelr=&npt=&mk=Google&mdl=Chrome%20-%20Windows&ipl=c2ecd04f-0dca-4ffa-8761-d93b34717380&fpa=770&pcm=3&ict=Unknown&said=20ec3bf5-f03c-4cfc-8008-30cfb1dc9814&auct=1&grdc=CAE.&sfe=13f304ea&vp=0&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:50 GMT
cache-control: private
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET

GET
H3 200 dc_oe=ChMI7-j3hvno9AIVi4p3Ch0xAwFYEAAYACD72vpN;met=1;ecn1=1;etm1=0;eid1=200015;
ade.googlesyndication.com/ddm/activity/ Frame 5BA8 42 B
63 B 43ms
43ms Image
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI7-j3hvno9AIVi4p3Ch0xAwFYEAAYACD72vpN;met=1;ecn1=1;etm1=0;eid1=200015;?

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 5BA8 107 B
122 B 18ms
18ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Dec 2021 18:26:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 6292 156 B
142 B 264ms
263ms XHR
text/xml 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F107430338%2FCNXORTEST%2F2570&description_url=https%3A%2F%2Fthreatpost.com%2Fcategory%2Fvideos%2F&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2340388142204292&cust_params=domains%3Dthreatpost.com&ad_type=video&us_privacy=1---&sdkv=h.3.493.0&osd=2&frm=1&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=1232260695&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.493.0&sid=A790144D-8905-4A81-8930-5E4D74F9EF3D&nel=1&eid=44737475%2C44750604%2C44752711&top=https%3A%2F%2Fthreatpost.com%2Fcategory%2Fvideos%2F&url=https%3A%2F%2Fthreatpost.com%2Fcategory%2Fvideos%2F&loc=about%3Ablank&dlt=1639679197626&idt=2263&dt=1639679209652&cookie=ID%3Da867e6000c985f2e%3AT%3D1639679201%3AS%3DALNI_Mbce0iH_XkgbbwiSTWa_tzTEQEauw&scor=1953885128717312&ged=ve4_td12_tt10_pd12_la12000_er1007.1246.1166.1552_vi0.0.1200.1600_vp100_ts10_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.493.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:50 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK g Show response
capi.connatix.com/rtb/ Frame 5BA8 144 KB
27 KB 197ms
196ms XHR
application/x-protobuf 18.224.222.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/rtb/g?v=142882
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.224.222.89 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-224-222-89.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: f2af2e1b535d63c846d1f2b38e65f7137c40a191a252de53def51b3b34e9a4fc

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Thu, 16 Dec 2021 18:26:50 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://threatpost.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 27645

POST
H2 204 mvo Show response
tag.1rx.io/rmp/216475/0/ Frame 95BE 0
170 B 52ms
27ms XHR
text/plain 213.19.147.43
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/216475/0/mvo?z=1r&hbv=4.43,2.1
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://threatpost.com
pragma: no-cache
date: Thu, 16 Dec 2021 18:26:50 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H2 204 mvo Show response
tag.1rx.io/rmp/233148/0/ Frame 95BE 0
170 B 52ms
28ms XHR
text/plain 213.19.147.43
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/233148/0/mvo?z=1r&hbv=4.43,2.1
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://threatpost.com
pragma: no-cache
date: Thu, 16 Dec 2021 18:26:50 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 95BE 144 B
1 KB 323ms
323ms XHR
application/json 185.33.220.216
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.216 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

872.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

f1889e8a137f391ba851428e0295405b8eaa509beec8d56ec72b05bc3f5419d6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 18:26:50 GMT
X-Proxy-Origin: 136.243.198.81; 136.243.198.81; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 0cc2c78c-7727-47e7-8295-04629407f8a5
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 95BE 0
59 B 120ms
120ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://threatpost.com
date: Thu, 16 Dec 2021 18:26:50 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H3 200 avjp Show response
teachingaids-d.openx.net/v/1.0/ Frame 95BE 106 B
127 B 49ms
49ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://teachingaids-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fthreatpost.com%2Fcategory%2Fvideos%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=4e7a7d95-d4d7-4b66-aa7c-534e6583b22d&nocache=1639679209968&gdpr=0&pubcid=c387521a-8024-44dc-9954-8d1350132e3f&schain=1.0%2C1!admetricspro.com%2C1005%2C1%2C66709b23-5cf4-4f35-98a1-7f2cd8619a21%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22skippable%22%3Atrue%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%2C%22video%2Fogg%22%2C%22video%2Fmpeg%22%5D%2C%22protocols%22%3A%5B5%2C2%2C3%2C6%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22maxduration%22%3A180%7D%7D%5D%7D&auid=540882778&vwd=400&vht=225
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.0.0 /
Resource Hash: 730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:50 GMT
via: 1.1 google
server: OXGW/17.0.0
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://threatpost.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 106
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ Frame 95BE 37 B
331 B 83ms
82ms XHR
application/json 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?t=900&s=435870&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2249fc40cb85eb7df%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fthreatpost.com%2Fcategory%2Fvideos%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22dms%22%3Atrue%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22admetricspro.com%22%2C%22hp%22%3A1%2C%22sid%22%3A%221005%22%2C%22rid%22%3A%2266709b23-5cf4-4f35-98a1-7f2cd8619a21%22%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22502fdf0d7116436%22%2C%22ext%22%3A%7B%22siteID%22%3A%22435870%22%2C%22sid%22%3A%22400x225%22%2C%22fl%22%3A%22x%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%2C%22video%2Fogg%22%2C%22video%2Fmpeg%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A180%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%2C7%2C8%5D%2C%22playerSize%22%3A%5B%5B400%2C225%5D%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22skip%22%3A1%2C%22skipmin%22%3A31%2C%22skipafter%22%3A5%2C%22placement%22%3A1%2C%22w%22%3A400%2C%22h%22%3A225%7D%2C%22bidfloor%22%3A0.25%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%7D
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 05d9ab34037257089c429c4d85208d27dd5fa2892491ba48c7743251a8b8eea4

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:50 GMT
x-ak-initial-geo: CC:[DE], RC:[SN], CN:[EU], CIP:[136.243.198.81], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://threatpost.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 37
x-ak-client-geo: 12
expires: Thu, 16 Dec 2021 18:26:50 GMT

POST
H2 204 mvo Show response
tag.1rx.io/rmp/233098/0/ Frame 95BE 0
170 B 45ms
28ms XHR
text/plain 213.19.147.43
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/233098/0/mvo?z=1r&hbv=4.43,2.1
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://threatpost.com
pragma: no-cache
date: Thu, 16 Dec 2021 18:26:50 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ Frame 95BE 37 B
331 B 58ms
58ms XHR
application/json 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?t=900&s=435871&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%225306cc2a0aea4d9%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fthreatpost.com%2Fcategory%2Fvideos%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22dms%22%3Atrue%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22admetricspro.com%22%2C%22hp%22%3A1%2C%22sid%22%3A%221005%22%2C%22rid%22%3A%2266709b23-5cf4-4f35-98a1-7f2cd8619a21%22%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%225486938c71736db%22%2C%22ext%22%3A%7B%22siteID%22%3A%22435871%22%2C%22sid%22%3A%22400x225%22%2C%22fl%22%3A%22x%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%2C%22video%2Fogg%22%2C%22video%2Fmpeg%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A180%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%2C7%2C8%5D%2C%22playerSize%22%3A%5B%5B400%2C225%5D%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22skip%22%3A1%2C%22skipmin%22%3A31%2C%22skipafter%22%3A5%2C%22placement%22%3A1%2C%22w%22%3A400%2C%22h%22%3A225%7D%2C%22bidfloor%22%3A0.25%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%7D
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6f6a7d3a4426f753e734a91ea6b812ee117143ed7ca836289412b1a34d6e155e

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:50 GMT
x-ak-initial-geo: CC:[DE], RC:[SN], CN:[EU], CIP:[136.243.198.81], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://threatpost.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 37
x-ak-client-geo: 12
expires: Thu, 16 Dec 2021 18:26:50 GMT

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ Frame 95BE 0
215 B 215ms
215ms XHR
application/json 18.196.20.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=TeachingAidsLLC
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.20.13 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-20-13.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://threatpost.com
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 95BE 144 B
1 KB 147ms
146ms XHR
application/json 185.33.220.216
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.216 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

872.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

52a89bea3a6b2182870583bcb329e4dea7b491d39e3ea5b6b699333bc02ffd54

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 18:26:50 GMT
X-Proxy-Origin: 136.243.198.81; 136.243.198.81; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 45e44cba-233e-4153-b39f-6625410d7263
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame 95BE 0
41 B 93ms
93ms XHR
text/plain 147.75.61.140
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 1
date: Thu, 16 Dec 2021 18:26:50 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://threatpost.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0

GET
H3 200 avjp Show response
teachingaids-d.openx.net/v/1.0/ Frame 95BE 106 B
127 B 64ms
64ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://teachingaids-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fthreatpost.com%2Fcategory%2Fvideos%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=0a0c1580-8e7b-4d29-88f6-55933dcdef02&nocache=1639679209979&gdpr=0&pubcid=c387521a-8024-44dc-9954-8d1350132e3f&schain=1.0%2C1!admetricspro.com%2C1005%2C1%2C22ef379d-be35-45ca-8f51-5a7822200cc9%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22skippable%22%3Atrue%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%2C%22video%2Fogg%22%2C%22video%2Fmpeg%22%5D%2C%22protocols%22%3A%5B5%2C2%2C3%2C6%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22maxduration%22%3A180%7D%7D%5D%7D&auid=540882779&vwd=400&vht=225
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.0.0 /
Resource Hash: 730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:50 GMT
via: 1.1 google
server: OXGW/17.0.0
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://threatpost.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 106
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 mvo Show response
tag.1rx.io/rmp/216476/0/ Frame 95BE 0
170 B 29ms
22ms XHR
text/plain 213.19.147.43
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/216476/0/mvo?z=1r&hbv=4.43,2.1
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://threatpost.com
pragma: no-cache
date: Thu, 16 Dec 2021 18:26:50 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H2 200 translator Show response
hbopenbid.pubmatic.com/ Frame 95BE 14 KB
14 KB 136ms
135ms XHR
application/json 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: cd6e5e14b0fbe3d80e4f8f8102bd895fb8fe9466e32fbb53901b276e54feac66

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://threatpost.com
date: Thu, 16 Dec 2021 18:26:49 GMT
cache-control: no-cache, no-store, must-revalidate
x-openrtb-version: 2.3
access-control-allow-credentials: true
content-type: application/json

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 5BA8 107 B
122 B 30ms
30ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Dec 2021 18:26:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 0BBB 27 KB
7 KB 385ms
385ms XHR
text/xml 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F107430338%2FCNXORTEST%2F6650&description_url=https%3A%2F%2Fthreatpost.com%2Fcategory%2Fvideos%2F&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=441885208410118&cust_params=domains%3Dthreatpost.com&ad_type=video&sdkv=h.3.493.0&osd=2&frm=1&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&us_privacy=1---&sdki=44d&adk=3321539204&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.493.0&sid=7410EEEF-69DA-4BAE-93A1-87D58545E9BA&nel=1&eid=44750604&top=https%3A%2F%2Fthreatpost.com%2Fcategory%2Fvideos%2F&url=https%3A%2F%2Fthreatpost.com%2Fcategory%2Fvideos%2F&loc=about%3Ablank&dlt=1639679197626&idt=2175&dt=1639679209990&cookie=ID%3Da867e6000c985f2e%3AT%3D1639679201%3AS%3DALNI_Mbce0iH_XkgbbwiSTWa_tzTEQEauw&scor=492109631791422&ged=ve4_td12_tt10_pd12_la12000_er1007.1246.1166.1552_vi0.0.1200.1600_vp100_ts1_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.493.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

12c62ad18f497abe133b3d74dd6f39c832cb4671dd2637528bc4c69ffdfea766

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6631
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK cache Show response
prebid.adnxs.com/pbc/v1/ Frame 95BE 63 B
324 B 16ms
16ms XHR
application/json 37.252.161.190
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbc/v1/cache
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.252.161.190 Southall, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams1.adnexus.net
Software: nginx/1.19.0 /
Resource Hash: 8c631ce71c59ed2cc5703b63b9fb59c4bc6d94b9557b77adc8b35b0842b67997

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 16 Dec 2021 18:26:50 GMT
Server: nginx/1.19.0
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://threatpost.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 63

GET
H3 200 xml;dc_sdk_apis=[APIFRAMEWORKS];dc_omid_p=[OMIDPARTNER];gdpr=;gdpr_consent=;ltd= Show response
ad.doubleclick.net/ddm/pfadx/N195005.279382INVITEMEDIAINC.D39/B26982132.323104983;sz=0x0;ord=784204;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dcmt=text/ Frame 5BA8 4 KB
1 KB 39ms
39ms XHR
text/xml 172.217.18.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/pfadx/N195005.279382INVITEMEDIAINC.D39/B26982132.323104983;sz=0x0;ord=784204;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dcmt=text/xml;dc_sdk_apis=[APIFRAMEWORKS];dc_omid_p=[OMIDPARTNER];gdpr=;gdpr_consent=;ltd=

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f102.1e100.net

Software

cafe /

Resource Hash

4d72c1f448e8c807e8dd399dbfe73aad8fe145140d57bd600592324eebe1d1e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1435
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://threatpost.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 xml;dc_sdk_apis=[APIFRAMEWORKS];dc_omid_p=[OMIDPARTNER];gdpr=;gdpr_consent=;ltd= Show response
ad.doubleclick.net/ddm/pfadx/N195005.279382INVITEMEDIAINC.D39/B26982132.323104980;sz=0x0;ord=893788;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dcmt=text/ Frame 5BA8 4 KB
1 KB 41ms
41ms XHR
text/xml 172.217.18.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/pfadx/N195005.279382INVITEMEDIAINC.D39/B26982132.323104980;sz=0x0;ord=893788;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dcmt=text/xml;dc_sdk_apis=[APIFRAMEWORKS];dc_omid_p=[OMIDPARTNER];gdpr=;gdpr_consent=;ltd=

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f102.1e100.net

Software

cafe /

Resource Hash

81af44253dea93bc39b7f887f04e3d61bed840c4965d7a9f04ddfb138473b3a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1429
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://threatpost.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 xml;dc_sdk_apis=[APIFRAMEWORKS];dc_omid_p=[OMIDPARTNER];gdpr=;gdpr_consent=;ltd= Show response
ad.doubleclick.net/ddm/pfadx/N195005.279382INVITEMEDIAINC.D39/B26982132.323104983;sz=0x0;ord=685715;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dcmt=text/ Frame 5BA8 4 KB
1 KB 43ms
42ms XHR
text/xml 172.217.18.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/pfadx/N195005.279382INVITEMEDIAINC.D39/B26982132.323104983;sz=0x0;ord=685715;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dcmt=text/xml;dc_sdk_apis=[APIFRAMEWORKS];dc_omid_p=[OMIDPARTNER];gdpr=;gdpr_consent=;ltd=

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f102.1e100.net

Software

cafe /

Resource Hash

d6daf8d887f08f8222a3c2745cd7def8f2701e13e639cc3ee6563a17c018cf40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1436
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://threatpost.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 xml;dc_sdk_apis=[APIFRAMEWORKS];dc_omid_p=[OMIDPARTNER];gdpr=;gdpr_consent=;ltd= Show response
ad.doubleclick.net/ddm/pfadx/N195005.279382INVITEMEDIAINC.D39/B26982132.323069891;sz=0x0;ord=873150;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dcmt=text/ Frame 5BA8 4 KB
1 KB 38ms
37ms XHR
text/xml 172.217.18.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/pfadx/N195005.279382INVITEMEDIAINC.D39/B26982132.323069891;sz=0x0;ord=873150;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dcmt=text/xml;dc_sdk_apis=[APIFRAMEWORKS];dc_omid_p=[OMIDPARTNER];gdpr=;gdpr_consent=;ltd=

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f102.1e100.net

Software

cafe /

Resource Hash

b7aa775f5accfbb06e95737f495b8377640a6edf0e96244cdef27a076d21d5ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1436
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://threatpost.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 xml;dc_sdk_apis=[APIFRAMEWORKS];dc_omid_p=[OMIDPARTNER];gdpr=;gdpr_consent=;ltd= Show response
ad.doubleclick.net/ddm/pfadx/N195005.279382INVITEMEDIAINC.D39/B26982132.323069891;sz=0x0;ord=598156;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dcmt=text/ Frame 5BA8 4 KB
1 KB 38ms
38ms XHR
text/xml 172.217.18.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/pfadx/N195005.279382INVITEMEDIAINC.D39/B26982132.323069891;sz=0x0;ord=598156;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dcmt=text/xml;dc_sdk_apis=[APIFRAMEWORKS];dc_omid_p=[OMIDPARTNER];gdpr=;gdpr_consent=;ltd=

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f102.1e100.net

Software

cafe /

Resource Hash

63d6a0dbaf3541e74baea0f7fac665c2f23aef08561806a98cd2984f35847440

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1436
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://threatpost.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 xml;dc_sdk_apis=[APIFRAMEWORKS];dc_omid_p=[OMIDPARTNER];gdpr=;gdpr_consent=;ltd= Show response
ad.doubleclick.net/ddm/pfadx/N195005.279382INVITEMEDIAINC.D39/B26982132.323104986;sz=0x0;ord=519087;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dcmt=text/ Frame 5BA8 4 KB
1 KB 41ms
41ms XHR
text/xml 172.217.18.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/pfadx/N195005.279382INVITEMEDIAINC.D39/B26982132.323104986;sz=0x0;ord=519087;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dcmt=text/xml;dc_sdk_apis=[APIFRAMEWORKS];dc_omid_p=[OMIDPARTNER];gdpr=;gdpr_consent=;ltd=

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f102.1e100.net

Software

cafe /

Resource Hash

ae91d2f575b0e780c420bdbe43e162c0339164a0095f437431ea1ff3fa910147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1440
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://threatpost.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 xml;dc_sdk_apis=[APIFRAMEWORKS];dc_omid_p=[OMIDPARTNER];gdpr=;gdpr_consent=;ltd= Show response
ad.doubleclick.net/ddm/pfadx/N195005.279382INVITEMEDIAINC.D39/B26982132.323069891;sz=0x0;ord=102451;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dcmt=text/ Frame 5BA8 4 KB
1 KB 43ms
42ms XHR
text/xml 172.217.18.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/pfadx/N195005.279382INVITEMEDIAINC.D39/B26982132.323069891;sz=0x0;ord=102451;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dcmt=text/xml;dc_sdk_apis=[APIFRAMEWORKS];dc_omid_p=[OMIDPARTNER];gdpr=;gdpr_consent=;ltd=

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f102.1e100.net

Software

cafe /

Resource Hash

f534688ea80623a941e893c7f75e42c0c39d2ce39b8a34c1a0519aa2d2aa72c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1424
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://threatpost.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cache Show response
prebid.adnxs.com/pbc/v1/ Frame 5BA8 13 KB
5 KB 15ms
15ms XHR
application/xml 37.252.161.190
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbc/v1/cache?uuid=2f9ac6a4-7cb2-4a30-90bd-794aea62ba5d
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.252.161.190 Southall, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams1.adnexus.net
Software: nginx/1.19.0 /
Resource Hash: a1dab8645bae3e94528e0ae6a71a17680d1f4dda4e2b89cf11f0f3ce12819772

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 18:26:50 GMT
Content-Encoding: gzip
Server: nginx/1.19.0
Vary: Accept-Encoding, Origin
Content-Type: application/xml
Access-Control-Allow-Origin: https://threatpost.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Transfer-Encoding: chunked

GET
H3 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 0BBB 29 KB
14 KB 78ms
57ms XHR
text/xml 142.251.5.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BwDIsA7pKPSh1czhc9UEjCxJDDT_cAl0ZM1qaux0jP0rg9-SDWE0-VfhupJu2Ln1db_Xq4V0lwzXGw6hPqrCDvB1T2kw&cry=1&dbm_d=AKAmf-Br5b76rsLsg4HVQx6gklP0zyjARRA6cUXHoB_ity0gBcvrTrakQOphD_6i0E58Kku97ANIkFDaWZ3IFY4OYrX7DEdZz2aCGikYXSaQIJ4Xp6XrFnjbli1hi3VYcd-Iuo_-PncXpBLBx_QeDIVi6WuztNj5GpAFTsa32UqzlXaZ1IbOsxfFs1Nvz_IJ-zfpRzxVq0lfoU8Pw8UpGgsba9aq0KiAEwku86zR-M2BNnhc-A4vaA7E6RcZDeB8TVQ-u0D199IubiDgNL_v52mQHTws34VxUb8gQdXi8yc6l-pVsJ_q_ANToQExyxMRhq-Phb0zOBHMy3Oz-oFmhDhKD4Qh-p8CmIRDGLstDO2TaWZQ1EaEyPZBfLz5jYPibo3axI0pUu3WoVJMPKENHV7lm17l75ZSkmtT8IlvGYrfy6UcgFxJfsMk8RM5deekx2vRa7GzkfKjuwVT9-Nyw24qG5cs7DzqcDIFz_m8mzAl57eBidiywGY8i8N3uhQC2-Ic2N843ZH-T-J1n0yydWQc_JXbhcFTeamYTT1vb_kW3Ml9pJYGU4VV2rH1C3MVtkRfPzrua6jXYHHSOxTwaAE5vaYly_qLHxo5mz8i7Lr8ChcyVCwLDvaOZF3pqtnvSvjuaNF_KIKi963-IqcY6OlRIDdo5xwhGhWNv_JstgK5NyzmRu_LRTi_x5lK2cmEvN4fxCeJ8Whlqq01BKfnN5AmuCeR2L-7sR7U_r4UxM-bFtPcUgYSflm-mZhTjsyKT8gBDZnf6z2RVV4ZNv1YBTvVQdzqHbJpQfQ_UgLHREC16LXb6WfMeC_KXHa6GEtJ6GA9Y-F6mxcHpbbc5Xuv5I5ziBIOLgAxMHCHyKZXxAC0-gYzN9zZFabsmyqdFW5CZr3nASKCUsIZBeZeEB5040BttdOXCEBR431ViiD-QCNU6DGoD8IR2AtVpywb3YsIHuF5OLOTa_heON2_EMcwsTpFnl2b1FEozyYptu1bau787-ypI5WpibdgrVMkRcIBPmDAmBBAytF_KuEFUJM3_aw2wWbjVACUKGaqy8xGE0l2_zixzSg74yhrCPjzfjmeRMNHjrmR0NBzLxMC1AIM-OMavBzWo_cTe7vApyStVjIJt3lghqwdsu3L-7Gr7MXtm0po0RqMmNwAWfBrXpDSaB76yvIJ0Jnkik4uECNHqyvSJ63fdn6mBQxa3MWccq9qXnbq0S0S-NhC__OJJx1gfTY0M9KVnrQCuujC4NN42EF8y15FaiQJ9C8klQbTJKaQ4odbitHFPGNbQaKN3FT6xYmPzB_MlYCD-wdMckSppbg7aPkVPxpjpymSOIFhwjmRIZvnA84ZZK6GL7rDrTMT4lAy5MrBzHky0LbsvZ7BhEk6fA-jK-nioyxcz0jRbFZ0b1xrmgUv7gooBH3094jaY57KVUorgfv2NCS876-Q-sqFXzs2tNh4eva7SMP2ZvDy_ekNoLBBuGGvsk0atkkrPtCfersU8ioYTE49PJD5Ma57ZZ4ryl6Td2z2jRbUXUGakvt8y2zPJM_kyLGR7K5VFaWbISe_xYOyOK0AlXiAOpJk0W5IwWBb-jN-pg6pNnF0eJ1P-IJn7ZSN6LMC32U8ZyIJwp9ciexEEBdc5MC0XGF2Gi05zmDsyMiiYSOltR0Fo4WrUe0SyfejEmZ9qSediOfkL3TAkHhRR_IrDYlsS-lrU8zKFrYCgvRxZhKzcX6eDNcfoa8RTK4G3Y0oLBVoYjfSOXoOYtGUnwQngDn8yxlVNsxMeprfr262AIhj0ssQevrGNDPsTX2lnC1FsqKhZ7WhjppPEarm3HXPAi620HdgyEfh2zKNGezrlLj1RvRtpoXf5BNjQObsQWXh6LvAilA7WVnXfoQRKP0coXz-r82OwvfOfd8JJ6Le8QMh1SZi2PbfSPyaGvh8NgAKsZ9wCYiyAxL9T9_Pk9qQvs25K7dmPiAO3Gv37xA4Lw6Oa-3oZOuKBzHKi3y-Whiza3RxERTMHd1bNIgUcgddvmIZrNC8eZCxD8dVaDlt5wELDuWTY_KREc_smJfExMxZz9mQgng-rDZIvN5cvu7I5AigZSzipGoW5J67xzuyF_gzeOQpY6E326blaD638oLfEw-2SRju0a5mnuveZH8Q9JMh_ozn5OrMCK1z9dhQAbSrAMORazeRJIQ7SE6xGYk54kpRouzncDZE4vj0c_me27X9Nj2OASBaliHkvjFhGRjJL7H0SB8UfZPgHu2eawLJjyXC7ogx6SMyK3Iph3ZdMrkHi29VEMpj6g12AgZLfplzjotqtzRsqQrz9miNmEvtTSospZVyfeDz7Rs9GZL6_Fwyzm5iD8VjUIXcXV_dTZDY7j3TYUIVXXtMrBvMvCeCv_ryyOPknFMJyo9et7AHCUnD0siklfGDw_x7nciGLwE_ixv6anlIXJ7HnVGVNEi2eJs5bL_cp0m-szl_lQ42Szb18BlxXHyVuasJQRNfDmziqClrc5laFQZQSbl68SLRvoZKyquVn6QOPgSZJzcbv6SW9sDrO2uz7ItYQ6rkBFgDnFZb9L_b_nqls1n3WRHhNjYRQJPVsW248jzxVCdpi9WC-oDSWkFGbJQGN3IXVVC3beAvd1sMRhRbyG6WXQrnCzxV1HjqMG-Td-DqGfBrGKK4nNPWuHTOuzvm3rqVbzoDWQ5ZXVRTcs5GxxbfBrjZduTXrzJ0cYEZc7tf4LzRpkOMBWv6LIYshRDjkn3wrWqmiJeEHgG7pGsmJtXdrQ4UB16DBpBHRuH2CcCRmoXw7hC-uX6lJC2JLiLByqBuBvHngL3WSM8VMZieiFcVi65n1MnGKporm9nQa32mmj5GKEO55EgBS2slYDSlLlUgad0RG1k96W7qdtMJi2ym32PGxLky1i2QI784JHDXjPahzbs5qw201GhWcv0ABV9uJmQwVb5il8OiU0m7G6dUczRGI8X5isJoKZmFHlcBLtvpRoOHRjCpEYN03hi0PEEfIb2ebv4x40VsKbNcfGZAQx_FzOm7mvcDD6_v-4bj-AGOv1fxv8n-MPOvskvt8bFNLBUwSj-hJZvS42E43a4_EYcJT6ENF4q1jD8RlTNWOIyX19bw3UAmZIzPk9GG7XTlmHX1HJ9ItB_7r7nyuFjvTrccZX1X3mWxtyAPf1xthx97xK1kihmptVxyhHt-rL5Ht5IjB6Ss1CsLkXIS1TYA&cid=CAASEuRohgju_edicX31rGtfr1tIdA&sdkv=h.3.493.0&osd=2&frm=1&vis=1&sdr=1&is_amp=0&hl=en&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&us_privacy=1---&sdki=44d&adk=3321539204&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.493.0&sid=7410EEEF-69DA-4BAE-93A1-87D58545E9BA&nel=1&eid=44750604&top=https%3A%2F%2Fthreatpost.com%2Fcategory%2Fvideos%2F&url=https%3A%2F%2Fthreatpost.com%2Fcategory%2Fvideos%2F&loc=about%3Ablank&dlt=1639679197626&idt=2175&dt=1639679210389&ged=ve4_td12_tt10_pd12_la12000_er1007.1246.1166.1552_vi0.0.1200.1600_vp100_ts0_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.493.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.5.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wg-in-f156.1e100.net

Software

cafe /

Resource Hash

be75e8916a82d52a33b49d74dcf2a59eb9c9a6c13aed5e932d92ed0a28df37c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13941
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK g Show response
capi.connatix.com/rtb/ Frame 5BA8 0
315 B 103ms
102ms XHR
application/x-protobuf 18.224.222.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/rtb/g?v=142882
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.224.222.89 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-224-222-89.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Thu, 16 Dec 2021 18:26:50 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://threatpost.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 /
insight.adsrvr.org/enduser/video/ Frame 5BA8 0
100 B 33ms
33ms Image
text/plain 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/enduser/video/?ve=error&vec=%5Berrorcode%5D&ast=%5Basseturi%5D&imp=eca348b6-949a-4542-9237-91fc6cd4b1b4&ag=ne6xjxo&crid=wk651gx7&cf=2825436&fq=0&t=1&td_s=threatpost.com&rcats=&mcat=&mste=threatpost.com&mfld=2&mssi=&mfsi=&sv=connatix&uhow=115&agsa=&wp=0.5053218&rgz=22049&dt=PC&osf=Windows&os=Windows10&br=Chrome&svpid=329085709478694&rlangs=01&mlang=&did=&rcxt=Other&tmpc=&vrtd=14,15&osi=&osv=&daid=&dnr=0&vpb=InArticle&c=CgdHZXJtYW55EiJGcmVlIGFuZCBIYW5zZWF0aWMgQ2l0eSBvZiBIYW1idXJnGgAiB0hhbWJ1cmcwAjgBSABQAYABAIgBApABAA..&dur=CjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnM.&durs=UvAXvs&crrelr=&npt=&mk=Google&mdl=Chrome%20-%20Windows&ipl=c2ecd04f-0dca-4ffa-8761-d93b34717380&fpa=833&pcm=3&ict=Unknown&said=82dcbd90-d549-4c3f-8f25-ad6e12aa87a3&auct=1&grdc=CAE.&sfe=13f304ea&vp=0&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:51 GMT
cache-control: private
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET

GET
H3 200 dc_oe=ChMI_9qhh_no9AIVFLh7Ch14HwZVEAAYACC_2vpN;met=1;ecn1=1;etm1=0;eid1=200015;
ade.googlesyndication.com/ddm/activity/ Frame 5BA8 42 B
63 B 53ms
52ms Image
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI_9qhh_no9AIVFLh7Ch14HwZVEAAYACC_2vpN;met=1;ecn1=1;etm1=0;eid1=200015;?

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
insight.adsrvr.org/enduser/video/ Frame 5BA8 0
100 B 33ms
32ms Image
text/plain 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/enduser/video/?ve=error&vec=%5Berrorcode%5D&ast=%5Basseturi%5D&imp=766bd850-d21d-4b51-bb1e-cbb46e74dcbb&ag=ne6xjxo&crid=ghq46ojf&cf=2825436&fq=0&t=1&td_s=threatpost.com&rcats=&mcat=&mste=threatpost.com&mfld=2&mssi=&mfsi=&sv=connatix&uhow=115&agsa=&wp=0.49561572&rgz=22049&dt=PC&osf=Windows&os=Windows10&br=Chrome&svpid=329085709478694&rlangs=01&mlang=&did=&rcxt=Other&tmpc=&vrtd=14,15&osi=&osv=&daid=&dnr=0&vpb=MidRoll&c=CgdHZXJtYW55EiJGcmVlIGFuZCBIYW5zZWF0aWMgQ2l0eSBvZiBIYW1idXJnGgAiB0hhbWJ1cmcwAjgBSABQAYABAIgBApABAA..&dur=CjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnM.&durs=UvAXvs&crrelr=&npt=&mk=Google&mdl=Chrome%20-%20Windows&ipl=c2ecd04f-0dca-4ffa-8761-d93b34717380&fpa=817&pcm=3&ict=Unknown&said=65fc3523-ec74-47aa-a1a3-ded7a4fb3e78&auct=1&grdc=CAE.&sfe=13f304ea&vp=0&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:51 GMT
cache-control: private
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET

GET
H3 200 dc_oe=ChMIzO-hh_no9AIVGErgCh1DNQmjEAAYACDUv-NN;met=1;ecn1=1;etm1=0;eid1=200015;
ade.googlesyndication.com/ddm/activity/ Frame 5BA8 42 B
63 B 49ms
49ms Image
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIzO-hh_no9AIVGErgCh1DNQmjEAAYACDUv-NN;met=1;ecn1=1;etm1=0;eid1=200015;?

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
insight.adsrvr.org/enduser/video/ Frame 5BA8 0
100 B 34ms
34ms Image
text/plain 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/enduser/video/?ve=error&vec=%5Berrorcode%5D&ast=%5Basseturi%5D&imp=29db777a-51e6-4c75-8bff-b1fbfce7185a&ag=ne6xjxo&crid=wk651gx7&cf=2825436&fq=0&t=1&td_s=threatpost.com&rcats=&mcat=&mste=threatpost.com&mfld=2&mssi=&mfsi=&sv=connatix&uhow=115&agsa=&wp=0.49561572&rgz=22049&dt=PC&osf=Windows&os=Windows10&br=Chrome&svpid=329085709478694&rlangs=01&mlang=&did=&rcxt=Other&tmpc=&vrtd=14,15&osi=&osv=&daid=&dnr=0&vpb=InArticle&c=CgdHZXJtYW55EiJGcmVlIGFuZCBIYW5zZWF0aWMgQ2l0eSBvZiBIYW1idXJnGgAiB0hhbWJ1cmcwAjgBSABQAYABAIgBApABAA..&dur=CjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnM.&durs=UvAXvs&crrelr=&npt=&mk=Google&mdl=Chrome%20-%20Windows&ipl=c2ecd04f-0dca-4ffa-8761-d93b34717380&fpa=817&pcm=3&ict=Unknown&said=a334f7f5-4592-4965-8864-2f589d028de8&auct=1&grdc=CAE.&sfe=13f304ea&vp=0&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:51 GMT
cache-control: private
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET

GET
H3 200 dc_oe=ChMIs_-hh_no9AIVgIb9Bx17wA2lEAAYACC_2vpN;met=1;ecn1=1;etm1=0;eid1=200015;
ade.googlesyndication.com/ddm/activity/ Frame 5BA8 42 B
63 B 48ms
48ms Image
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIs_-hh_no9AIVgIb9Bx17wA2lEAAYACC_2vpN;met=1;ecn1=1;etm1=0;eid1=200015;?

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
insight.adsrvr.org/enduser/video/ Frame 5BA8 0
100 B 39ms
38ms Image
text/plain 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/enduser/video/?ve=error&vec=%5Berrorcode%5D&ast=%5Basseturi%5D&imp=9fbf6e7b-2905-469b-a171-39fcd82d78b5&ag=ne6xjxo&crid=21ht9242&cf=2825436&fq=0&t=1&td_s=threatpost.com&rcats=&mcat=&mste=threatpost.com&mfld=2&mssi=&mfsi=&sv=connatix&uhow=115&agsa=&wp=0.48712292&rgz=22049&dt=PC&osf=Windows&os=Windows10&br=Chrome&svpid=329085709478694&rlangs=01&mlang=&did=&rcxt=Other&tmpc=&vrtd=14,15&osi=&osv=&daid=&dnr=0&vpb=PreRoll&c=CgdHZXJtYW55EiJGcmVlIGFuZCBIYW5zZWF0aWMgQ2l0eSBvZiBIYW1idXJnGgAiB0hhbWJ1cmcwAjgBSABQAYABAIgBApABAA..&dur=CjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnM.&durs=UvAXvs&crrelr=&npt=&mk=Google&mdl=Chrome%20-%20Windows&ipl=c2ecd04f-0dca-4ffa-8761-d93b34717380&fpa=803&pcm=3&ict=Unknown&said=5c10b054-551e-4b68-a6a9-7a0731adfe23&auct=1&grdc=CAE.&sfe=13f304ea&vp=0&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:51 GMT
cache-control: private
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET

GET
H3 200 dc_oe=ChMIkYaih_no9AIVyY39Bx20AwavEAAYACCu3uRN;met=1;ecn1=1;etm1=0;eid1=200015;
ade.googlesyndication.com/ddm/activity/ Frame 5BA8 42 B
63 B 47ms
46ms Image
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIkYaih_no9AIVyY39Bx20AwavEAAYACCu3uRN;met=1;ecn1=1;etm1=0;eid1=200015;?

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
insight.adsrvr.org/enduser/video/ Frame 5BA8 0
100 B 36ms
36ms Image
text/plain 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/enduser/video/?ve=error&vec=%5Berrorcode%5D&ast=%5Basseturi%5D&imp=053498ea-e69e-47b7-b718-4aa6e761cb6d&ag=ne6xjxo&crid=21ht9242&cf=2825436&fq=0&t=1&td_s=threatpost.com&rcats=&mcat=&mste=threatpost.com&mfld=2&mssi=&mfsi=&sv=connatix&uhow=115&agsa=&wp=0.47074395&rgz=22049&dt=PC&osf=Windows&os=Windows10&br=Chrome&svpid=329085709478694&rlangs=01&mlang=&did=&rcxt=Other&tmpc=&vrtd=14,15&osi=&osv=&daid=&dnr=0&vpb=PreRoll&c=CgdHZXJtYW55EiJGcmVlIGFuZCBIYW5zZWF0aWMgQ2l0eSBvZiBIYW1idXJnGgAiB0hhbWJ1cmcwAjgBSABQAYABAIgBApABAA..&dur=CjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnM.&durs=UvAXvs&crrelr=&npt=&mk=Google&mdl=Chrome%20-%20Windows&ipl=c2ecd04f-0dca-4ffa-8761-d93b34717380&fpa=776&pcm=3&ict=Unknown&said=0b32da97-1ded-48cf-9a4f-68b77946c26e&auct=1&grdc=CAE.&sfe=13f304ea&vp=0&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:51 GMT
cache-control: private
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET

GET
H3 200 dc_oe=ChMIjYeih_no9AIV28C7CB0OfQ1BEAAYACCu3uRN;met=1;ecn1=1;etm1=0;eid1=200015;
ade.googlesyndication.com/ddm/activity/ Frame 5BA8 42 B
63 B 47ms
47ms Image
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIjYeih_no9AIV28C7CB0OfQ1BEAAYACCu3uRN;met=1;ecn1=1;etm1=0;eid1=200015;?

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
insight.adsrvr.org/enduser/video/ Frame 5BA8 0
100 B 35ms
34ms Image
text/plain 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/enduser/video/?ve=error&vec=%5Berrorcode%5D&ast=%5Basseturi%5D&imp=91818cf6-00a8-4b49-a7a7-64f15956d09f&ag=ne6xjxo&crid=kiaorikp&cf=2825436&fq=0&t=1&td_s=threatpost.com&rcats=&mcat=&mste=threatpost.com&mfld=2&mssi=&mfsi=&sv=connatix&uhow=115&agsa=&wp=0.45618486&rgz=22049&dt=PC&osf=Windows&os=Windows10&br=Chrome&svpid=329085709478694&rlangs=01&mlang=&did=&rcxt=Other&tmpc=&vrtd=14,15&osi=&osv=&daid=&dnr=0&vpb=InArticle&c=CgdHZXJtYW55EiJGcmVlIGFuZCBIYW5zZWF0aWMgQ2l0eSBvZiBIYW1idXJnGgAiB0hhbWJ1cmcwAjgBSABQAYABAIgBApABAA..&dur=CjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnM.&durs=UvAXvs&crrelr=&npt=&mk=Google&mdl=Chrome%20-%20Windows&ipl=c2ecd04f-0dca-4ffa-8761-d93b34717380&fpa=752&pcm=3&ict=Unknown&said=ef69e3a5-3d0c-4eeb-81d9-e6620416d5e2&auct=1&grdc=CAE.&sfe=13f304ea&vp=0&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:51 GMT
cache-control: private
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET

GET
H3 200 dc_oe=ChMIwqOih_no9AIVFE3gCh2x8wFOEAAYACD72vpN;met=1;ecn1=1;etm1=0;eid1=200015;
ade.googlesyndication.com/ddm/activity/ Frame 5BA8 42 B
63 B 50ms
50ms Image
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIwqOih_no9AIVFE3gCh2x8wFOEAAYACD72vpN;met=1;ecn1=1;etm1=0;eid1=200015;?

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
insight.adsrvr.org/enduser/video/ Frame 5BA8 0
100 B 36ms
35ms Image
text/plain 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/enduser/video/?ve=error&vec=%5Berrorcode%5D&ast=%5Basseturi%5D&imp=cd850230-ac8d-456f-944a-78e115b9f8ba&ag=ne6xjxo&crid=21ht9242&cf=2825436&fq=0&t=1&td_s=threatpost.com&rcats=&mcat=&mste=threatpost.com&mfld=2&mssi=&mfsi=&sv=connatix&uhow=115&agsa=&wp=0.4319197&rgz=22049&dt=PC&osf=Windows&os=Windows10&br=Chrome&svpid=329085709478694&rlangs=01&mlang=&did=&rcxt=Other&tmpc=&vrtd=14,15&osi=&osv=&daid=&dnr=0&vpb=MidRoll&c=CgdHZXJtYW55EiJGcmVlIGFuZCBIYW5zZWF0aWMgQ2l0eSBvZiBIYW1idXJnGgAiB0hhbWJ1cmcwAjgBSABQAYABAIgBApABAA..&dur=CjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnM.&durs=UvAXvs&crrelr=&npt=&mk=Google&mdl=Chrome%20-%20Windows&ipl=c2ecd04f-0dca-4ffa-8761-d93b34717380&fpa=712&pcm=3&ict=Unknown&said=a70a9d37-1809-4a56-978a-c88db0c69801&auct=1&grdc=CAE.&sfe=13f304ea&vp=0&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:51 GMT
cache-control: private
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET

GET
H3 200 dc_oe=ChMIy62ih_no9AIVZdcRCB1tswByEAAYACCu3uRN;met=1;ecn1=1;etm1=0;eid1=200015;
ade.googlesyndication.com/ddm/activity/ Frame 5BA8 42 B
63 B 48ms
48ms Image
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIy62ih_no9AIVZdcRCB1tswByEAAYACCu3uRN;met=1;ecn1=1;etm1=0;eid1=200015;?

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame D82B 152 KB
36 KB 20ms
18ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?embedded=1&pubId=156858&siteId=630907&adId=2446008&vtype=1&imprId=E17CFCE0-A68C-4FD3-83BC-9AEF8FC48CDE&adServerId=243&campaignId=22918&crID=21ht9242&ucrid=12824810715055717997
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:51 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 05:02:46 GMT
server: Apache/2.2.15 (CentOS)
etag: "1408294-25f9a-5c92d699d3c58"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 36260

POST
H3 204 csi
csi.gstatic.com/ Frame 0BBB 0
17 B 179ms
179ms Ping
image/gif 2607:f8b0:4007:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kx9anrqo&c=8761236955789&slotId=4380618477894.5&qqid=CPTClof56PQCFUZW4AodvAMBOw&gqid=6oS7YcPmJIqegQf04KGgCQ&fb=ima_html5-lima&sdkv=h.3.493.0&mrd=4&aab=0&itv=1&eee=missing-element&bi=missing-id&ghmsh_eids=44750604&wta=1&vmfc=17&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.493.0_en.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4007:815::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:51 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 5885 38 KB
14 KB 8ms
8ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?embedded=1&pubId=156858&siteId=630907&adId=2446008&vtype=1&imprId=E17CFCE0-A68C-4FD3-83BC-9AEF8FC48CDE&adServerId=243&campaignId=22918&crID=21ht9242&ucrid=12824810715055717997
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/

Response headers

last-modified: Tue, 19 Oct 2021 10:00:01 GMT
etag: "1302647-96ae-5ceb1b98ba7c4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13882
content-type: text/html; charset=UTF-8
cache-control: public, max-age=106359
expires: Fri, 17 Dec 2021 23:59:30 GMT
date: Thu, 16 Dec 2021 18:26:51 GMT
vary: Accept-Encoding

GET
H2 200 / Show response
insight.adsrvr.org/enduser/vast/ Frame D82B 20 KB
20 KB 36ms
35ms XHR
text/xml 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/enduser/vast/?t=1&iid=bd9598c7-8529-4df3-a64d-c3b15c15b154&crid=21ht9242&wp=0.476204&aid=1&wpc=USD&sfe=13f304ea&puid=&tdid=00000000-0000-0000-0000-000000000000&pid=pj549kn&ag=ne6xjxo&adv=7kn31tr&sig=1PErpn3WmGU_jI80J4149kyIASwe3_VQNZ2i1DPo2H3c.&bp=0.60662879514834959249&cf=2825436&fq=0&td_s=threatpost.com&rcats=jba&mcat=&mste=threatpost.com&mfld=4&mssi=&mfsi=&uhow=115&agsa=&rgz=22049&svbttd=1&dt=PC&osf=Windows&os=Windows10&br=Chrome&rlangs=en&mlang=&svpid=156858&did=&rcxt=Other&lat=53.580000&lon=10.060000&tmpc=&daid=&vp=0&osi=&osv=&bffi=41&mk=Google&mdl=Chrome%20-%20Windows&testid=tv-6553-10vc&vpb=MidRoll&dc=16&vcc=CAEQtAEYtAEyCggCCAUICQgGCAQ6BAgBCAJAAUgBUAKIAQKgAZADqAHhAcgBAdABA-gBA4ACA4oCCAgCCAMIBQgGmgICCAKgAgOoAgGwAgC4AgDAAgA.&sv=pubmatic&pidi=3121&advi=183204&cmpi=2037899&agi=10470660&cridi=21571258&svi=12&cmp=1wh9o3t&vrtd=14,15&rurl=https%3a%2f%2fthreatpost.com%2fcategory%2fvideos%2f&tsig=fVmeUIP0oDiPGQ1lSskM_hXy96yqQjwaXJGVYOb7G-s.&c=CgdHZXJtYW55EiJGcmVlIGFuZCBIYW5zZWF0aWMgQ2l0eSBvZiBIYW1idXJnGgAiB0hhbWJ1cmcwAjgBSABQAYABAIgBApABAA..&dur=CjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnM.&durs=UvAXvs&crrelr=&adpt=pubo&ipl=2446008&fpa=785&pcm=3&grdc=CAE.&vc=3&said=E3D2254C-19D5-4F90-80D3-7A60182A7961&ict=Unknown&auct=1&im=1&mc=8b8e9250-d193-47ff-86ff-a07b7ffeed0f
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?embedded=1&pubId=156858&siteId=630907&adId=2446008&vtype=1&imprId=E17CFCE0-A68C-4FD3-83BC-9AEF8FC48CDE&adServerId=243&campaignId=22918&crID=21ht9242&ucrid=12824810715055717997
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: / ASP.NET
Resource Hash: 41032399b30ba2d0e7be445663bf2d1541ac34b3f339d025b57ea11d03240cd1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:51 GMT
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://threatpost.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 5885 1000 B
1 KB 25ms
25ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=9869556&p=156858&s=630907&a=2446008&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: d01d5f1ac0426fecc9370f28dff65f2f08011479bf12e29f8edaa09724805301

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:51 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 1000
content-type: text/html; charset=UTF-8

GET
H3 200 xml;dc_sdk_apis=[APIFRAMEWORKS];dc_omid_p=[OMIDPARTNER];gdpr=;gdpr_consent=;ltd= Show response
ad.doubleclick.net/ddm/pfadx/N195005.279382INVITEMEDIAINC.D39/B26982132.323069891;sz=0x0;ord=645536;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dcmt=text/ Frame D82B 4 KB
1 KB 40ms
39ms XHR
text/xml 172.217.18.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/pfadx/N195005.279382INVITEMEDIAINC.D39/B26982132.323069891;sz=0x0;ord=645536;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dcmt=text/xml;dc_sdk_apis=[APIFRAMEWORKS];dc_omid_p=[OMIDPARTNER];gdpr=;gdpr_consent=;ltd=

Requested by

Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?embedded=1&pubId=156858&siteId=630907&adId=2446008&vtype=1&imprId=E17CFCE0-A68C-4FD3-83BC-9AEF8FC48CDE&adServerId=243&campaignId=22918&crID=21ht9242&ucrid=12824810715055717997

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f102.1e100.net

Software

cafe /

Resource Hash

217d834bfb82067eef8b503e459860e2779acb2cb439844fe7a25b4f518ad51a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1446
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://threatpost.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 7E77
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YbuE5QAMZMCMjQAz&gdpr=0&gdpr_consent=

1 B
413 B

12ms
12ms

Document
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YbuE5QAMZMCMjQAz&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 16 Dec 2021 18:26:50 GMT
content-type: text/html; charset=utf-8
content-length: 1
x-lat: amspug011:0:368
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: Varnish
retry-after: 0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YbuE5QAMZMCMjQAz&gdpr=0&gdpr_consent=
accept-ranges: bytes
date: Thu, 16 Dec 2021 18:26:51 GMT
via: 1.1 varnish
x-served-by: cache-fra19150-FRA
x-cache: HIT
x-cache-hits: 0
x-timer: S1639679211.434676,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 0

GET

UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 5885
Redirect Chain

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1434631964
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0

0
0

GET
H2 200 1520C0B0-4915-482E-8EDE-84F1E7A611CA
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 5885 43 B
875 B 34ms
32ms Image
image/gif 2a05:d018:d29:3602:7523:c0c8:9412:6c81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/1520C0B0-4915-482E-8EDE-84F1E7A611CA?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:7523:c0c8:9412:6c81 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:51 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET

getuid
ads.avct.cloud/ Frame 5885
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic

0
0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 5885
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7881695143172826811&gdpr=0&gdpr_consent=&us_privacy=

1 B
323 B

13ms
12ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7881695143172826811&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:51 GMT
cache-control: no-store, no-cache, private
x-lat: amspug019:0:463
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7881695143172826811&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Thu, 16 Dec 2021 18:26:51 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame 5885 0
103 B 13ms
12ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=1520C0B0-4915-482E-8EDE-84F1E7A611CA&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 18:26:51 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET

Pug
image2.pubmatic.com/AdServer/ Frame 5885
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

0
0

GET
H/1.1 200
OK 59213329 Show response
unified.adsafeprotected.com/v2/906389/ Frame D82B 15 KB
4 KB 53ms
53ms XHR
text/xml 34.241.64.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://unified.adsafeprotected.com/v2/906389/59213329?mon=59213341&omidPartner=%5BOMIDPARTNER%5D&apiframeworks=[APIFRAMEWORKS]&bundleId=[BUNDLEID]&vastVersion=2&mode=strict&ias_xappb=%%TTD_SITE%%&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjsudeCDa-utHaN5eMo_JSj_b2nyjDS6cqQ6PhFnN_zptq6E5zg1ak2kmvVS6H3RX-WQn8ygLz_z5d-ExczDJfBxhZFw8roz5nGTxP0uQqrv3Hk9gZGrwV8x787DL4tHb7RFOkQKxO-1nnx4zG2McMP6OHQ%26sig%3DCg0ArKJSzDBaogSu8tjIEAE%26uach_m%3D%5BUACH%5D%26urlfix%3D1%26vt%3D13%26adurl%3D&redirectedRetries=0&ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&originalVast=https://ad.doubleclick.net/ddm/pfadx/N195005.279382INVITEMEDIAINC.D39/B26982132.323069891%3Bsz%3D0x0%3Bord%3D645536%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bdcmt%3Dtext/xml%3Bdc_sdk_apis%3D%5BAPIFRAMEWORKS%5D%3Bdc_omid_p%3D%5BOMIDPARTNER%5D%3Bgdpr%3D%3Bgdpr_consent%3D%3Bltd%3D%3Bdc_ves%3DdGltZXN0YW1wOiAxNjM5Njc5MjExNDM4Cg%3Bdc_cid%3D163131182%3Bdc_adid%3D515409227%3Bdc_vpaid%3D0%3B
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?embedded=1&pubId=156858&siteId=630907&adId=2446008&vtype=1&imprId=E17CFCE0-A68C-4FD3-83BC-9AEF8FC48CDE&adServerId=243&campaignId=22918&crID=21ht9242&ucrid=12824810715055717997
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.241.64.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-64-210.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a5c3468cbba69da187232de5b23091686aa29ca9e466f6856a3c6ae947e8028c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 18:26:51 GMT
Content-Encoding: gzip
Vary: Origin
Content-Type: text/xml; charset=UTF-8
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 3700

GET
H2 200 track
aktrack.pubmatic.com/ Frame D82B 0
61 B 8ms
6ms Image
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aktrack.pubmatic.com/track?operId=7&p=156858&s=630907&a=2446008&wa=243&ts=1639679210&wc=22918&crId=21ht9242&ucrid=12824810715055717997&impid=E17CFCE0-A68C-4FD3-83BC-9AEF8FC48CDE&advertiser_id=8730&ecpm=0.523516&er=982&pfi=1&ch=3&it=5&vadFmt=6&vapi=2&sURL=threatpost.com&vc=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:51 GMT
content-length: 0
content-type: text/html

GET /
insight.adsrvr.org/enduser/video/ Frame D82B 0
0

GET dc_oe=ChMIl6PFh_no9AIVF5d7Ch0TkAd5EAAYACCu3uRN;met=1;ecn1=1;etm1=0;eid1=200015;
ade.googlesyndication.com/ddm/activity/ Frame D82B 0
0

GET
H2 200 track
aktrack.pubmatic.com/ Frame 5BA8 0
61 B 9ms
8ms Image
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aktrack.pubmatic.com/track?operId=7&p=156858&s=630907&a=2446008&wa=243&ts=1639679210&wc=22918&crId=21ht9242&ucrid=12824810715055717997&impid=E17CFCE0-A68C-4FD3-83BC-9AEF8FC48CDE&advertiser_id=8730&ecpm=0.523516&e=96&ier=%5Berrorcode%5D&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:26:51 GMT
content-length: 0
content-type: text/html

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pixel.onaudience.com
URL: https://pixel.onaudience.com/?partner=147&mapped=81af1dac-941a-4a28-8cd7-842422c9914d&icm

Domain: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0

Domain: ads.avct.cloud
URL: https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic

Domain: image2.pubmatic.com
URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

Domain: insight.adsrvr.org
URL: https://insight.adsrvr.org/enduser/video/?ve=error&vec=900&ast=[ASSETURI]&imp=bd9598c7-8529-4df3-a64d-c3b15c15b154&ag=ne6xjxo&crid=21ht9242&cf=2825436&fq=0&t=1&td_s=threatpost.com&rcats=jba&mcat=&mste=threatpost.com&mfld=4&mssi=&mfsi=&sv=pubmatic&uhow=115&agsa=&wp=0.476204&rgz=22049&dt=PC&osf=Windows&os=Windows10&br=Chrome&svpid=156858&rlangs=en&mlang=&did=&rcxt=Other&tmpc=&vrtd=14,15&osi=&osv=&daid=&dnr=0&vpb=MidRoll&c=CgdHZXJtYW55EiJGcmVlIGFuZCBIYW5zZWF0aWMgQ2l0eSBvZiBIYW1idXJnGgAiB0hhbWJ1cmcwAjgBSABQAYABAIgBApABAA..&dur=CjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnM.&durs=UvAXvs&crrelr=&npt=&mk=Google&mdl=Chrome%20-%20Windows&testid=tv-6553-10vc&adpt=pubo&ipl=2446008&fpa=785&pcm=3&ict=Unknown&said=E3D2254C-19D5-4F90-80D3-7A60182A7961&auct=1&grdc=CAE.&sfe=13f304eb&vp=0

Domain: ade.googlesyndication.com
URL: https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIl6PFh_no9AIVF5d7Ch0TkAd5EAAYACCu3uRN;met=1;ecn1=1;etm1=0;eid1=200015;

Verdicts & Comments Add Verdict or Comment

295 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

134 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.3lift.com/sync	1970-01-20 01:37:35	Name: sync Value: CgoIgQIQwsL8o9wvCgoI4gEQwsL8o9wvCgoI5gEQwsL8o9wvCgoIhwIQwsL8o9wvCgkICRDCwvyj3C8KCQg6EMLC_KPcLwoJCAsQwsL8o9wvCgoIjAIQwsL8o9wvCgoIngIQwsL8o9wvCgkIXxDCwvyj3C8=
.mrtnsvr.com/sync	1970-01-20 08:15:01	Name: userId Value: Bs2tB4OfM
i.liadm.com/s	1970-01-20 00:11:11	Name: _li_ss Value: MgkI_____wcQjxE
.threatpost.com/	1970-01-20 16:59:11	Name: _ga Value: GA1.2.1292139180.1639679199
.threatpost.com/	1970-01-19 23:29:25	Name: _gid Value: GA1.2.1555522908.1639679199
.threatpost.com/	1970-01-19 23:27:59	Name: _gat_UA-35676203-21 Value: 1
threatpost.com/	1970-01-20 00:11:11	Name: _pbjs_userid_consent_data Value: 6683316680106290
.quantserve.com/	1970-01-20 08:58:13	Name: mc Value: 61bb84df-dc708-a7b54-de319
.twitter.com/	1970-01-20 16:59:11	Name: personalization_id Value: "v1_mk8fMYbMtiw6YG9hAERPRA=="
.threatpost.com/	1970-01-20 08:52:27	Name: __qca Value: P0-247186926-1639679199297
.openx.net/	1970-01-20 08:13:35	Name: i Value: d713c038-e7c7-4eb7-ae57-3250b4c2c964\|1639679200
.threatpost.com/	1970-01-20 03:47:11	Name: _pubcid Value: c387521a-8024-44dc-9954-8d1350132e3f
.rubiconproject.com/	1969-12-31 23:59:59	Name: rsid Value: 1\|BdCsOVsH/a/fRiqn0c18Mxvc5rJaP5uXhxptBfrzPAh1r4H5OGjlRsLybbqMiOGkSHO3tT2oYW2peUfJM3OqKzSlnlAWiFIP9hAlb/GLHAIlzGqoEKZaU66THvScWV7/AA==
.rubiconproject.com/	1970-01-20 08:13:35	Name: khaos Value: KX9ANRYU-S-3VJ7
.rubiconproject.com/	1970-01-20 08:13:35	Name: audit Value: 1\|naVuGyos1qpKiaVuud4DQ+MH05QULE/jV/G9Z/GRzTxyH6GfBxt1tljsCCOXhhXiazGDAnZkjgciW6Q58jarRAvAG15loFpV9ffqWu8FjBY=
e.serverbid.com/	1970-01-20 08:13:35	Name: azk Value: ue1-sb1-88d5e815-c6d1-46e7-b270-140f00e203f4
.adnxs.com/	1970-01-20 01:37:35	Name: icu Value: ChgIzLJhEAoYASABKAEw4InujQY4AUABSAEQ4InujQYYAA..
.adnxs.com/	1970-01-20 01:37:35	Name: uuid2 Value: 3343957620543684404
threatpost.com/	1970-01-20 08:49:35	Name: cto_bidid Value: urZ1EF9jY1psdDhNMW5lJTJCJTJGUnRPQkZRNGRVU2VlTyUyRk8xaUxyVDEzZkJmODQ3QiUyRkNwRDE0JTJCeENMUGlYV3VZWUFKQmc3ZHJHWTR6R2R2RGVZaHA2OXlLZmhpemclM0QlM0Q
threatpost.com/	1970-01-20 08:49:35	Name: cto_bundle Value: gQPoVF9oUWcwN0EwNUclMkZHUkVOJTJGS2VPMlBpJTJGWmowSGRKQWZ4SnBGTzRXJTJCQWh5S01XWFI2cHRHMEhLVk1hMG5NVjd3WUxPQUtTeWdXRWo4TU5JVWNtRVFSOTNncTRzJTJCa0pzV0FGcGpkMTVaNjhVc0p3N0tnbGI1bUVqdGVRJTJCOUkxbWJHQQ
.lijit.com/	1970-01-20 08:13:35	Name: ljtrtb Value: eJyrrgUAAXUA%2BQ%3D%3D
.lijit.com/	1970-01-20 08:13:35	Name: ljt_reader Value: 3dca89b7fdd10c39453eec1d
.pubmatic.com/	1970-01-20 01:37:35	Name: KADUSERCOOKIE Value: 1520C0B0-4915-482E-8EDE-84F1E7A611CA
.adform.net/	1970-01-20 00:12:37	Name: C Value: 1
.simpli.fi/	1970-01-20 08:15:01	Name: suid Value: 7712ED00DFAE4FE781555F3F2E83F62D
.mathtag.com/	1970-01-20 08:53:54	Name: uuid Value: 3e1961bb-84e0-4600-baae-3f1a6ae2d154
.adform.net/	1970-01-20 00:54:23	Name: uid Value: 2929780910311444289
.de17a.com/	1970-01-20 08:06:23	Name: guid2 Value: 1.7918867047318286971
.pubmatic.com/	1970-01-20 01:37:35	Name: PUBMDCID Value: 3
.pubmatic.com/	1970-01-20 00:11:11	Name: KRTBCOOKIE_80 Value: 22987-CAESEA96iYDAMFgHGQwZw5WOPrg&KRTB&16514-CAESEA96iYDAMFgHGQwZw5WOPrg&KRTB&23025-CAESEA96iYDAMFgHGQwZw5WOPrg
.pubmatic.com/	1970-01-20 00:11:11	Name: KRTBCOOKIE_27 Value: 16735-uid:73a761bb-84e0-4300-8a07-f10c0b0d3e09&KRTB&16736-uid:73a761bb-84e0-4300-8a07-f10c0b0d3e09&KRTB&23019-uid:73a761bb-84e0-4300-8a07-f10c0b0d3e09&KRTB&23114-uid:73a761bb-84e0-4300-8a07-f10c0b0d3e09
.pubmatic.com/	1970-01-20 00:11:11	Name: KRTBCOOKIE_336 Value: 5844-7918867047318286971
.doubleclick.net/	1970-01-20 08:49:35	Name: IDE Value: AHWqTUn0nZLkluXRkdbcNhMrlQIUdn1FnXX-6tsrdpFR4qGN_XZWBBZB-bRj258BdPk
.onaudience.com/	1970-01-20 08:13:35	Name: cookie Value: bcc8d64ed0d63567
.onaudience.com/	1970-01-19 23:29:25	Name: done_redirects147 Value: 1
.adsrvr.org/	1970-01-20 08:13:35	Name: TDID Value: 81af1dac-941a-4a28-8cd7-842422c9914d
.onaudience.com/	1970-01-19 23:29:25	Name: done_redirects104 Value: 1
.threatpost.com/	1970-01-20 08:49:35	Name: __gads Value: ID=a867e6000c985f2e:T=1639679201:S=ALNI_Mbce0iH_XkgbbwiSTWa_tzTEQEauw
.advertising.com/	1970-01-20 08:15:01	Name: APID Value: UPb81cbc5c-5e9d-11ec-b14d-060408bf6fde
.casalemedia.com/	1970-01-20 08:13:35	Name: CMID Value: YbuE48FpMdYRks.S89acmwAA
.casalemedia.com/	1970-01-20 01:37:35	Name: CMPS Value: 5233
.yahoo.com/	1970-01-20 08:13:56	Name: A3 Value: d=AQABBOSEu2ECEIwii60od5nz-kuC94zjTQMFEgEBAQHWvGHFYQAAAAAA_eMAAA&S=AQAAAuz7vOOeXkKYWT73KMeQlQw
.casalemedia.com/	1970-01-20 01:37:35	Name: CMPRO Value: 1161
.yahoo.com/	1970-01-19 23:49:55	Name: APID Value: UPb81cbc5c-5e9d-11ec-b14d-060408bf6fde
.pubmatic.com/	1970-01-20 01:37:35	Name: chkChromeAb67Sec Value: 2
.pubmatic.com/	1970-01-19 23:29:25	Name: pi Value: 156858:3
.pubmatic.com/	1970-01-20 01:37:35	Name: DPSync3 Value: 1640822400%3A221_226_227_235_201_197_219%7C1639699200%3A174
.pubmatic.com/	1970-01-20 01:37:35	Name: SyncRTB3 Value: 1640822400%3A13_54_56_3_7_161_220_21_8%7C1642204800%3A203%7C1640217600%3A223%7C1640908800%3A35
.adnxs.com/	1970-01-20 01:37:35	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>0sy#Kw!]tam8i_iqf!oN/@E'zz<*Z0QA9'Rd.Pje0%Pe$4ImG>WR:/#m^bTJHWfYr]/X%W#.wL4W1Qw1NXgfS.
m.exactag.com/	1970-01-20 01:37:35	Name: exactag_new_gk Value: dcb1d8ee39804a9b8b40c406b3607ec4%7c14.02.2022+18%3a26%3a44
m.exactag.com/	1970-01-20 03:47:11	Name: exactag_new_uk Value: 81447941bb304751a730593119765b13%7c
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: 893b09d4b7974a968cbe615b
.zeotap.com/	1970-01-20 08:13:35	Name: zc Value: 999ffb3e-9e6d-48ab-7cc1-35f7e88e2a2a
.adfarm1.adition.com/	1970-01-20 01:37:35	Name: UserID1 Value: 7042368557124876440
.fiftyt.com/	1970-01-20 08:13:35	Name: fifid Value: 29ae74ab-15b0-40d7-4d6c-aa02b90b31c9
.fiftyt.com/	1970-01-20 08:13:35	Name: cs Value: MTYzOTY3OTIwNHxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fBIa5uAK4xOnv4B4fLi5w5MGww5LmW57rJ8KrtX6GZ34
.pubmatic.com/	1970-01-20 00:11:11	Name: KRTBCOOKIE_1101 Value: 23040-7042368557124876440
.semasio.net/	1970-01-20 08:13:35	Name: SEUNCY Value: 6140B64B74776CBC
.pubmatic.com/	1970-01-20 00:11:11	Name: KRTBCOOKIE_153 Value: 1923-0DwEY945AmfLaQU21jVLYNFvUzXLaQMy1zREmXdA&KRTB&19420-0DwEY945AmfLaQU21jVLYNFvUzXLaQMy1zREmXdA&KRTB&22979-0DwEY945AmfLaQU21jVLYNFvUzXLaQMy1zREmXdA
.pubmatic.com/	1970-01-20 00:11:11	Name: KRTBCOOKIE_391 Value: 22924-2929780910311444289&KRTB&23263-2929780910311444289
.pubmatic.com/	1970-01-20 00:11:11	Name: KRTBCOOKIE_377 Value: 6810-81af1dac-941a-4a28-8cd7-842422c9914d&KRTB&22918-81af1dac-941a-4a28-8cd7-842422c9914d&KRTB&23031-81af1dac-941a-4a28-8cd7-842422c9914d
.fiftyt.com/	1970-01-19 23:38:04	Name: fppm Value: 20211216182644
.d3sv.net/	1970-01-20 00:11:11	Name: _dnmt Value: s%3Aa80fa48f-b812-4f1e-aa63-cb1acf097ada.1639679204.WWLauGsyE7s2JfcJ4P4xgpRq5Qa3CQ4xmU0j5bkq9M4
.pubmatic.com/	1970-01-20 00:11:11	Name: KRTBCOOKIE_57 Value: 22776-3343957620543684404
.pubmatic.com/	1970-01-20 00:11:11	Name: PugT Value: 1639679202
.doubleclick.net/	1970-01-19 23:28:02	Name: DSID Value: NO_DATA
.eqads.com/	1970-01-20 01:37:35	Name: EQUser Value: UID=27daf2c3-4bed-4777-b0e5-6fe1e0f34c92
.audrte.com/	1970-01-19 23:49:35	Name: arcki2 Value: f14lWgaTOreT1OPX-XnIrR2Bw!20210804!1639679205074
.3lift.com/	1970-01-20 01:37:35	Name: tluid Value: 13420380357370956361
.openx.net/	1970-01-19 23:49:35	Name: pd Value: v2\|1639679203.2\|kiiygevNgun0.gqsLommOnsgi
.bidswitch.net/	1970-01-20 08:13:35	Name: tuuid Value: 1f84e4a2-4b65-4f6b-969d-c68d9d026a21
.bidswitch.net/	1970-01-20 08:13:35	Name: c Value: 1639679205
.bidswitch.net/	1970-01-20 08:13:35	Name: tuuid_lu Value: 1639679205
.w55c.net/	1970-01-20 08:58:13	Name: wfivefivec Value: 1tDHbrUE1MXVsN5
.smartadserver.com/	1970-01-20 08:58:13	Name: pid Value: 6061981485391032988
.bing.com/	1970-01-20 08:49:35	Name: MUID Value: 3D95197E868B637D105208718759623F
.servenobid.com/	1970-01-19 23:38:04	Name: pid_312 Value: 3343957620543684404
.servenobid.com/	1970-01-19 23:38:04	Name: pid_337 Value: y-Sa_Mxe5E2uHKcHC3M3fyjthF3K86tBMTUrRwN.s-~A
.gumgum.com/	1970-01-20 08:13:35	Name: vst Value: e_823bb8d7-297f-4f67-b6c1-59a6861e3c1c
.a-mo.net/	1970-01-20 08:13:35	Name: amuid2 Value: 085e865d-3ae0-41ec-a6d0-44825dac8346
.w55c.net/	1970-01-20 00:11:11	Name: matchopenx Value: 5
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 16:59:53	Name: bcookie Value: "v=2&501d6539-fe3c-4e68-881e-b1c1aedb71e0"
.linkedin.com/	1970-01-20 16:54:02	Name: li_gc Value: MTswOzE2Mzk2NzkyMDU7MjswMjHDmvrnC8mNhMWdxv6Xz6NKRD6ejVPyMUIebmw/hCqvQw==
.linkedin.com/	1970-01-19 23:29:25	Name: lidc Value: "b=VGST08:s=V:r=V:a=V:p=V:g=2196:u=1:x=1:i=1639679205:t=1639765605:v=2:sig=AQHo8NTmbXcF2LNfpioIVcWon4zIl-PF"
.servenobid.com/	1970-01-19 23:38:04	Name: pid_327 Value: 085e865d-3ae0-41ec-a6d0-44825dac8346
.quantserve.com/	1970-01-20 01:37:35	Name: d Value: EMEBGAH8JPijCJiTCuu4EA
.servenobid.com/	1970-01-19 23:38:04	Name: pid_317 Value: 6061981485391032988
.criteo.com/	1970-01-20 08:49:35	Name: uid Value: a2cc65bc-2b67-4f97-9adc-e7b868356304
.servenobid.com/	1970-01-19 23:38:04	Name: pid_333 Value: YbuE48FpMdYRks-S89acmwAABIkAAAAB
.servenobid.com/	1970-01-19 23:38:04	Name: pid_309 Value: e_823bb8d7-297f-4f67-b6c1-59a6861e3c1c
.casalemedia.com/	1970-01-19 23:29:25	Name: CMST Value: YbuE5GG7hOYA
.adsrvr.org/	1970-01-20 08:13:35	Name: TDCPM Value: CAESFwoIcHVibWF0aWMSCwiWr6TV9LKgOhAFGAEgASgCMgsI4O6hkIuzoDoQBTgBWgZndW1ndW1gAg..
.turn.com/	1970-01-20 03:47:11	Name: uid Value: 7881695143172826811
.creativecdn.com/	1970-01-20 08:13:35	Name: u Value: iZiRJqH0Dct0lOmeMB1y
.creativecdn.com/	1970-01-20 08:13:35	Name: ts Value: 1639679206
.smadex.com/	1970-01-20 08:06:23	Name: smxtrack Value: 95365e04-c8af-4a62-a1ef-30ebeec74c2f
.targeting.unrulymedia.com/	1970-01-20 08:13:35	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-2b95287c-c7c2-4d50-bd82-7ce23c3e787b-003%22%7D
.rqtrk.eu/	1970-01-19 23:38:04	Name: browser_id Value: 1:02205f38-39bc-4244-a8f5-94ac29571e8f
.360yield.com/	1970-01-20 01:37:35	Name: tuuid Value: 2a62fc15-5da3-4f47-9195-334c2f3eb417
.360yield.com/	1970-01-20 01:37:35	Name: tuuid_lu Value: 1639679206
.sportradarserving.com/	1970-01-20 08:13:35	Name: zuuid Value: 6e4218d0-9603-44be-8e63-3bea50b05bdf
.sportradarserving.com/	1970-01-20 08:13:35	Name: c Value: 1639679206
.sportradarserving.com/	1970-01-20 08:13:35	Name: zuuid_lu Value: 1639679206
.bidr.io/	1970-01-20 08:56:29	Name: bito Value: AAIXsk7DdwoAAD-iZkVqLg
.bidr.io/	1970-01-20 08:56:29	Name: bitoIsSecure Value: ok
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB5G Value: s578\|YbuE6
.servenobid.com/	1970-01-19 23:38:04	Name: pid_321 Value: RX-2b95287c-c7c2-4d50-bd82-7ce23c3e787b-003
.sportradarserving.com/	1970-01-20 08:13:35	Name: zuuid_k Value: 1
.sportradarserving.com/	1970-01-20 08:13:35	Name: zuuid_k_lu Value: 1639679206
.mathtag.com/	1970-01-20 00:11:11	Name: mt_mop Value: 9:1639679205
.1rx.io/	1970-01-20 08:13:35	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-2b95287c-c7c2-4d50-bd82-7ce23c3e787b-003%22%2C%22nxtrdr%22%3Afalse%7D
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSsjSzNDc1NDM3NwQxzEzNDIX4DHWDIiOLsywigg2zCgwByhGUTCQAAAA
.rfihub.com/	1970-01-20 08:49:35	Name: eud Value: H4sIAAAAAAAAADslzmtoZmxpZm5pZGBmaGIOAGdKsvIQAAAA
.rfihub.com/	1970-01-20 08:49:35	Name: rud Value: H4sIAAAAAAAAAOMSsjSzNDc1NDM3NwQxzEzNDIX4DHWDIiOLsywigg2zCgyleA3NjC3NzC2NDMwMTcwBG-mXSjMAAAA
.servenobid.com/	1970-01-19 23:38:04	Name: pid_324 Value: 969751677169756561
.lijit.com/	1970-01-20 08:13:35	Name: _ljtrtb_273657 Value: 273657
.technoratimedia.com/	1970-01-21 19:15:59	Name: tads_uid Value: GDPR
.servenobid.com/	1970-01-19 23:38:04	Name: pid_310 Value: 3dca89b7fdd10c39453eec1d
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 857f54af2baeb693
.postrelease.com/	1970-01-20 08:13:35	Name: opt_out Value: 1
.casalemedia.com/	1970-01-20 08:13:35	Name: CMRUM3 Value: 9c61bb84e405a00&0361bb84e627603e1961bb-84e0-4600-baae-3f1a6ae2d154&f161bb84e405a0&4161bb84e505a0&0561bb84e405a0&4061bb84e42760no-consent&c361bb84e62760av-56891bea-9fa6-48ef-80f9-0c79bc24b2b4&2e61bb84e405a0&e661bb84e52760&8261bb84e5a8c0&4961bb84e505a0&be61bb84e505a0&0461bb84e627607881695143172826811&ce61bb84e505a0&2d61bb84e42760CAESEKsr_lBfwS0OJfOfrwAiyxk&5861bb84e62760YbuE5gAMZSbHvQAz&2761bb84e40b40&2861bb84e5276027daf2c3-4bed-4777-b0e5-6fe1e0f34c92
sync.srv.stackadapt.com/	1970-01-20 08:13:35	Name: sa-user-id Value: s%3A0-2c176b07-fb37-472a-407e-dca8367fdef9.AgVrR1DpZizFVtwj3IoBh31a9OcJW3pxLtXr7PNgEFs
.srv.stackadapt.com/	1970-01-20 08:13:35	Name: sa-user-id-v2 Value: s%3A0-2c176b07-fb37-472a-407e-dca8367fdef9%24ip%24136.243.198.81.71onIew49g9y6Elg0CekqVj18pWdptLBTi7Inuh5kqc
.zemanta.com/	1970-01-20 08:13:35	Name: zuid Value: 0hyxAjurBTuRUAauRUoL
.ipredictive.com/	1970-01-20 08:13:35	Name: cu Value: b9f0e088-5e9d-11ec-9c17-0b6051703b96\|1639679206409
.pubmatic.com/	1970-01-20 00:11:11	Name: SPugT Value: 1639679205
.liadm.com/	1970-01-20 16:59:11	Name: lidid Value: ba9f8157-2fa5-45fb-b552-2fbdc155b74c
.outbrain.com/	1970-01-20 01:37:35	Name: obuid Value: 915bbe02-d199-4126-be8e-7a1bec1b3577
.smartadserver.com/	1970-01-20 08:58:13	Name: csync Value: 49:7042368557124876440\|79:a2cc65bc-2b67-4f97-9adc-e7b868356304
.analytics.yahoo.com/	1970-01-20 08:15:01	Name: IDSYNC Value: "187s~224i:18z8~224i:1776~224i:196n~224i:17ot~224i:193c~224i"
.yahoo.com/	1970-01-19 23:29:25	Name: APIDTS Value: 1639679207
.outbrain.com/	1970-01-20 00:11:11	Name: oath Value: UPb81cbc5c-5e9d-11ec-b14d-060408bf6fde
.everesttech.net/	1970-01-20 08:13:35	Name: everest_g_v2 Value: g_surferid~YbuE5QAMZMCMjQAz

24 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://qd.admetricspro.com/js/threatpost/uspcmp.js(Line 7) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://threatpost.com') does not match the recipient window's origin ('https://ads.pubmatic.com').
javascript	warning	URL: https://threatpost.com/category/videos/ Message: The resource https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-500italic-webfont.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://threatpost.com/category/videos/ Message: The resource https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-900-webfont.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://threatpost.com/category/videos/ Message: The resource https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-100italic-webfont.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://threatpost.com/category/videos/ Message: The resource https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-700-webfont.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://threatpost.com/category/videos/ Message: The resource https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-700italic-webfont.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://threatpost.com/category/videos/ Message: The resource https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-500-webfont.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://threatpost.com/category/videos/ Message: The resource https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-100-webfont.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://threatpost.com/category/videos/ Message: The resource https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-900italic-webfont.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://threatpost.com/category/videos/ Message: The resource https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-300italic-webfont.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://threatpost.com/category/videos/ Message: The resource https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-300-webfont.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
security	error	URL: https://qd.admetricspro.com/js/threatpost/uspcmp.js(Line 7) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://threatpost.com') does not match the recipient window's origin ('https://ads.pubmatic.com').
security	error	URL: https://qd.admetricspro.com/js/threatpost/uspcmp.js(Line 7) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://threatpost.com') does not match the recipient window's origin ('https://ads.pubmatic.com').
network	error	URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network	error	URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
security	error	URL: https://qd.admetricspro.com/js/threatpost/uspcmp.js(Line 7) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://threatpost.com') does not match the recipient window's origin ('https://ads.pubmatic.com').
security	error	URL: https://qd.admetricspro.com/js/threatpost/uspcmp.js(Line 7) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://threatpost.com') does not match the recipient window's origin ('https://eus.rubiconproject.com').
network	error	URL: https://eb2.3lift.com/xuidmid=7976&xuid=Bs2tB4OfM&dongle=u6nf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
security	error	URL: https://qd.admetricspro.com/js/threatpost/uspcmp.js(Line 7) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://threatpost.com') does not match the recipient window's origin ('https://ads.pubmatic.com').
security	error	URL: https://qd.admetricspro.com/js/threatpost/uspcmp.js(Line 7) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://threatpost.com') does not match the recipient window's origin ('https://ads.pubmatic.com').
security	error	URL: https://qd.admetricspro.com/js/threatpost/uspcmp.js(Line 7) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://threatpost.com') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security	error	URL: https://qd.admetricspro.com/js/threatpost/uspcmp.js(Line 7) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://threatpost.com') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security	error	URL: https://qd.admetricspro.com/js/threatpost/uspcmp.js(Line 7) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://threatpost.com') does not match the recipient window's origin ('https://ads.pubmatic.com').

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a.sportradarserving.com
acdn.adnxs-simple.com
acdn.adnxs.com
ad.360yield.com
ad.doubleclick.net
ad.mrtnsvr.com
ad.turn.com
ad4m.at
ade.googlesyndication.com
ads.adaptv.advertising.com
ads.avct.cloud
ads.pubmatic.com
ads.servenobid.com
ads.yahoo.com
adservice.google.com
adservice.google.de
aktrack.pubmatic.com
ams1-ib.adnxs.com
analytics.twitter.com
ap.lijit.com
assets.threatpost.com
aud.pubmatic.com
b1sync.zemanta.com
bh.contextweb.com
bid.g.doubleclick.net
btlr.sharethrough.com
bttrack.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
c2shb.ssp.yahoo.com
capi.connatix.com
casale-match.dotomi.com
ccc9e906ab4f6edf29a60be7ebbe8995.safeframe.googlesyndication.com
cd.connatix.com
cdn.id5-sync.com
cds.connatix.com
ce.lijit.com
cia.dqnacloud.com
cm.g.doubleclick.net
cm.smadex.com
creativecdn.com
cs.emxdgt.com
csi.gstatic.com
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.adsafeprotected.com
e.serverbid.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
g2.gumgum.com
gcdn.2mdn.net
gift-connect-d.openx.net
go.sonobi.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
id.sharedid.org
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
img.connatix.com
insight.adsrvr.org
jadserve.postrelease.com
js-sec.indexww.com
kasperskycontenthub.com
lit.connatix.com
m.exactag.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
media.douglas.de
media.threatpost.com
mp.4dex.io
mug.criteo.com
mwzeom.zeotap.com
nep.advangelists.com
onetag-sys.com
p.d3sv.net
p.rfihub.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.33across.com
pixel.adsafeprotected.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.adnxs.com
pubads.g.doubleclick.net
public.servenobid.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
qd.admetricspro.com
r1---sn-4g5lzne6.c.2mdn.net
r2---sn-4g5edndl.c.2mdn.net
rb.adnxs-simple.com
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.openx.net
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s.d3sv.net
s0.2mdn.net
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.ads-twitter.com
static.adsafeprotected.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.serverbid.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
t.co
tag.1rx.io
tagan.adlightning.com
teachingaids-d.openx.net
tg.socdm.com
threatpost.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
u.openx.net
uipglob.semasio.net
um.simpli.fi
um2.eqads.com
unified.adsafeprotected.com
ups.analytics.yahoo.com
us-u.openx.net
vid.connatix.com
visitor.fiftyt.com
vpaid.pubmatic.com
ws.rqtrk.eu
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
ade.googlesyndication.com
ads.avct.cloud
image2.pubmatic.com
image6.pubmatic.com
insight.adsrvr.org
pixel.onaudience.com
104.109.78.125
104.111.219.144
104.244.42.197
104.244.42.67
104.90.192.27
104.92.74.8
124.146.215.42
13.248.245.213
134.209.131.220
142.250.185.162
142.250.185.66
142.251.5.156
143.204.95.188
143.204.98.122
143.204.98.47
147.75.61.140
15.197.193.217
151.101.2.137
151.101.66.137
151.101.66.49
151.139.128.11
159.69.43.71
169.197.150.8
169.50.137.184
172.217.18.102
172.217.18.98
178.128.135.80
178.162.133.148
178.162.133.149
178.250.0.157
178.250.0.163
18.192.77.44
18.195.155.181
18.196.20.13
18.224.222.89
184.31.84.150
185.184.8.65
185.29.132.245
185.33.220.216
185.33.221.11
185.64.189.110
185.64.189.112
185.64.190.78
185.64.190.87
185.86.137.121
185.86.138.142
192.132.33.46
193.122.130.38
198.148.27.140
198.47.127.20
199.232.136.157
199.38.167.129
2.18.232.130
2.18.233.180
2.18.234.21
2001:678:cb4:bbbb::11
205.185.216.10
209.54.177.54
213.155.156.183
213.19.147.43
213.19.147.45
213.202.235.10
2600:1f18:444a:4680:b988:ecc0:9832:67ce
2600:9000:2156:1400:6:44e3:f8c0:93a1
2600:9000:2156:3800:2:9275:3d40:93a1
2600:9000:2156:8000:8:48e:53c0:93a1
2600:9000:2156:9400:0:5c46:4f40:93a1
2600:9000:2156:c600:1b:5138:8a40:93a1
2602:803:c003:200::21
2606:4700:10::6816:1957
2606:4700:20::681a:8a9
2606:4700:3030::ac43:cf70
2606:4700:3039::6815:c085
2606:4700::6812:372
2607:f8b0:4007:815::2003
2620:116:800d:21:3175:5196:e3fd:8c1d
2620:1ec:21::14
2620:1ec:bdf::45
2620:1ec:c11::200
2a00:1288:80:800::7001
2a00:1450:4001:12::6
2a00:1450:4001:18::7
2a00:1450:4001:802::200a
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2003
2a00:1450:4001:811::2006
2a00:1450:4001:812::2001
2a00:1450:4001:827::200e
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2004
2a00:1450:4001:830::200a
2a00:1450:4001:830::200e
2a00:1450:4001:831::2002
2a00:1450:400c:c07::9c
2a02:2638::1c
2a02:26f0:6c00:2af::2854
2a02:fa8:8806:13::1400
2a05:d018:d29:3602:7523:c0c8:9412:6c81
3.125.147.153
3.126.16.11
3.126.38.41
3.126.56.137
3.225.222.206
34.102.163.6
34.205.3.24
34.241.64.210
34.98.64.218
35.153.248.18
35.157.146.178
35.157.240.53
35.157.246.167
35.173.160.135
35.201.96.126
35.204.201.221
35.227.252.103
37.157.4.25
37.157.4.39
37.252.161.190
37.252.167.198
37.252.172.37
44.241.140.107
46.105.202.126
51.195.5.232
51.75.146.162
51.89.9.252
52.203.60.58
52.208.210.171
52.211.199.54
52.49.53.128
52.71.162.243
54.171.208.149
54.174.249.39
54.217.249.13
54.218.247.33
54.219.155.58
63.251.14.14
63.251.14.3
64.74.236.223
66.155.71.150
67.202.105.21
67.202.105.23
69.173.144.139
69.173.144.165
70.42.32.95
77.243.60.138
8.43.72.97
85.114.159.93
004b555e1d3840bda72d3a682ff5eb820bdd8b59dcc601fa8e229c7546684476
0146d9f4c9c8f26cbef60f87e74c273497146ae100f1670e28f6f8379aba6c95
01945bc58ee152bc579e7ece0080137fbb061145512405d8a9115a4d37d7c01d
038fc4d49a9191d416d49841f371b6e0b06bb40f719124099d40fe8f393b9e2c
03cc687f0c8a2d1694e509b91fcd6c62c0fbdbdbdb850b8007b8052f649c7f77
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05a58707d25ec9885faf81f026410f37d3757c0689d56b7ec1fc8b2f9cffb9d1
05d451ade49e187c290a143ad8971b2ef89dd634c736b75be572e022f9bc5302
05d9ab34037257089c429c4d85208d27dd5fa2892491ba48c7743251a8b8eea4
06590a40d95c73c552211092005ed10cc79baa79fa287c0e152461ab6a4e1857
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06fc565587b8b700936a1677218cb269a6cc31ca5f701eb45461e86a3d54d5c7
0a72bf5230bcdeb25069ed524d5debf85a310d95e8155eff874e0bf45cf01435
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e2a1b0f2286eb14e2c4389124e09b31e4be4c5d0a29da85cd86f1328fc37b03
117f1d5fc9766ce2f27441e82eefb08b6bd89d0e4905a56cea52732270ec25ee
126b35ec50b5a5cd7819b5f4bb9bd1c67d6ddada46d59a07ebb15a1245fc9592
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12c62ad18f497abe133b3d74dd6f39c832cb4671dd2637528bc4c69ffdfea766
12e69b014a1d82f15c732919b28c978f60cd61b62a9290b581bb3bc06a3daf99
16935e1c30263b7766bcd0fd2547b9e364c6d4d65c0b8b5e9e90bd64bc0fec39
16ad85aa7620d54c047046f42121c7a9b060cc3f5cfe5094da8e84218c61e099
16fa58785a51fcb37cd53b7bdb0330f6300bc4ea867e6d073d2e7644e22e3468
172314ff74044b918766ed4763279b5e8798622087c0a2930f59c9d44662213d
17aee1fe3d7d16e647b97f568230c2ff36c1855ce35ce930c26aec5d2c58eaf4
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc
1952ac59959557d264c9625aa551ecb5a3cbedb6f73eedcf89bce0c65c8165b5
1ae61ed61290f9bf2619f52667aafa622c805072c75765025f0b61a23862005f
1aeb3ee07f4b462935c5d8047ff038c8e279d75f9be1dcd0b848ba68223a3ee2
1c6622f02cd6e606fcda9cdfbc37c945625c02086225f948e77b83264dba9b92
1c947edb74e618a58ee1ab7a05ef9a041b7c80a2282e6b4f1d8f5d36b7eef864
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1f54ceed05da8f091b9585d2148b1de11ea12d0749747a13aaaf7ed65515e21e
217d834bfb82067eef8b503e459860e2779acb2cb439844fe7a25b4f518ad51a
21d29461dee4b4082d1b9d045cefc3a7e4080d7a4f8b25c96d789afae73b13bd
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
259efa4dd5a35749493c2d0e82de58bbad200845f80f0a1e3938c58bec19fd87
26a3b2a7e00aa03398e57891145b167ba8784eded21a39dc128ccd158a381f3a
26e025537d86d14c420ab40df771c32350cf2e43d5cd1464165711aa9b9745ed
295409307a58f3d19608932eac3c022cff1cacc8671dd26b5614a28f7e25e0b0
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2d4f43acaf2e0749680eb279e3e56115b205efe8ca0e2461e3453b65f6c1dc99
2d4fe6b93033b5a6a0fce5ea6673ff97fb5081858b2ed391c6bdef8658065898
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
2d853d5c205e6bc73c9928255af1ea931f948c6f46f607eeef92935f37f72f5a
2de77164bb9924542e1dea4ee4a0ff27d40b51a3d7939dac7db11a95045c9b7d
2df84db555f2c7745e615e3da797d7a080713a5888f103c1450f89b4dfde364d
2e050a8250fb76c88e703f8c92fba610628ecdcd7a8588a0c498822621b16a1e
3029ba4bcb164bfae62b5b134f9f6b32b48dcd7bbac7a32fe0f348d30d2d875b
3097d0444becd9d089b52b7074072f19201525de874d0775012572fb375b7838
3267f58f2b0bee4ffb46680b4a12be72561448cdc82175910561a4e4618b9cf3
3283ea5f08af24f2baee3cd3875193e87a47d2c0d631de2a80c3440bc281d4c1
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
3321428797116159b29a478c5695b074baf92149a9e4af8fde67733c19984306
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
380aae00ec378f9a6905d27e8b7b671a15fd216b52ae30a98361b5d9e1b3e822
382387138011c05bdf81e36461afcf81c934f661c2a37c2fca0f1cdc37c099a5
3844d3d38dcc9505527a25e18dc120c00495caacb528c0c0c66e9ea897f886f0
38a153aaf008fbbc5ff2e234c258cd739e4941fe5b945ccb3c0bec6d4e9377e9
39af7c1116fb967a330e8770f775e6b5ee871add01ed45c98a1634911cebfb0a
3b3b3d65aaed7efe9a0a12d36c68fed6f3b71e14b86c5fe3be625ff968bb9d59
3bb2621a4c0c710f6e78404473aebff8e115a28f8d53f44339b867c63ad93b26
3cc31408a4ae1a01aec918145264e054e726594223db0b4e0446e5205e6d7b61
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e312fe44084e2176996cce5ed30521f8406a8fd92f513aae8e519088f07f1e4
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ed98137aec1709957cba1a42eb9d873dda2bd7a3d2028fe3bc12b84ddad97e9
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41032399b30ba2d0e7be445663bf2d1541ac34b3f339d025b57ea11d03240cd1
420508fc523520f35de5c851905543294123d7676b5a5668744691f2abe9e730
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4550853c9c2efdab413d125621a72beac549ab22a67054795d66c7791b258971
45ddc09b0ad6ab916bd9a0282070b161045e186fc025303f4aa1aa821fc45ac7
4658e1122a2190db712f6731d3e8c14b027f0a42bd7c1333b11d272f8e9ea3fd
4823c011e4b4cb4b7f35ced3ab09d57215ee243676d9bfcc24d10ec77d3db398
4830f3c6221ce4802e5d35e2222aa8107e2b8c5a55bc1fcbec3a5b5e85487283
48690aaa6fff4d84b3d1de64a8ec77ed01ca244492e10fb776c794ba6c171639
487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d72c1f448e8c807e8dd399dbfe73aad8fe145140d57bd600592324eebe1d1e7
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e2fd3552ff75ef1020de2dc4a8dd09236da281cb979116072c58ea1503bf2c8
4fddec1cb13ee6848cce386a733d405fff2be9ab4d904f55a1d15c7cc84f410d
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
519815bc4a3dd9a571cb56f57c7c6abfbda2b4e2de8c4b884a7535a1705438f2
51fe9d76c24f956c3352ca3c5d984e22e93009399e965fde2ba883709896611a
52805abb330df5107936a0e751608ae26d61201e1972c1603f7e30c85607fcbd
52a89bea3a6b2182870583bcb329e4dea7b491d39e3ea5b6b699333bc02ffd54
52aa00f47256e3dbe7e2e650684491fed0dd474663ba75b4224e6b78e28468e1
52b91bf10e80dd65f4cee4e4a9fd528c5bf6f7f0bf09a1216201cb4b6c963530
53f0cf5f2fef7e5a938d553f62eb56266d1ac4e244eb7dcd40630614485fdacd
5425ed2b85d5ecddcde692cb793d930b2acc3a50dce1bb2541e89fc232307878
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54f0266d1c4ff78fd1602bc51e0f6132e279ff26060c75ea4c8023873a8d1eb4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56a05089f0f10dc1dd76abd7dceebb3f72a4a7b5590644104353732aeef4a926
592e79408d6f16d00daa096608e75d85401efe29a99a7626ef7ca9356fe47db2
59df292055721df8da6ccbbc5ed2f6d98045b61ef4e33ba55c64aaa73b51fc63
5a7ed822968963e31d88424c96387ad9f4fd4f4b5a5b581a33f65e3784d162cf
5ad0cdf0d7365fdad5c5bec7932a7812a015c99e2f35e5f4e6fcaccd7c844bf7
5c0894a3d16241654e309223b7337dffbd3c24e80f7a6af29dd7b09e3b5fc0d1
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5ee2a16d4f8f9629ae75e0f94473f8601a4e0bf9527ba4467a094926e0947505
60dad7114c8a3f67c072f9ae6a7a051ac045b260bc3f206c4c8e37b2a7953679
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62cbf085d014439b719c84c3d2f3222fde66e299c2da1b41dfc4dbb315db0456
63d6a0dbaf3541e74baea0f7fac665c2f23aef08561806a98cd2984f35847440
6438deeda87c2438473fc3c887e708b7f23b9c27dbf7df19e2e525f3b299abd9
648f3f39eaa215f2e09c9d1848e6471cc08f4b77640f84b03a11a61d023e30bc
6493fe707262fb8d9bc0e4d487e319fc9ebe7de26ebe7e3b4f58a5d17f03a9ea
6638bb830c3bff956ffcf1b506e979da26d172e98bfb6fa096a216ab585c48b7
66593a7318f71adfbffbecbcc79e7829c07e0405e3c1f768a4be19d32727f2f3
66e069239bcb31dfe981b4c7ff9181f626513d638bf79cec2e43df62bafd4d12
6753ddbb7584e2b67de31188ad4fb1a3b884df3cf930e6e2bae07ba4a2b03316
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bdb826c4e316b6163d721b44fbbb57c54f78aa7410635ecf3570c8343ea2797
6e66b33313a6c666ea12b3bc61f7e6e67d7e8fd11b2567163ff61b75772e4599
6f6a7d3a4426f753e734a91ea6b812ee117143ed7ca836289412b1a34d6e155e
6fff2bb01836a52004ece484b97797926280251ccaed72db384f16a7644d4764
704cf19dd688b0b00c19faf54b2ebb8833de2ec463e1a93c1aabd45d3974d91f
729f47d65350e54a025b0d61ab82fa9f16b414fe822c21f4acfafcc344cbfeb0
72f03082ab986d4ccfe0f0a86e40cf1b30b4d65499696ebef94ca6443fab08fa
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
736dd0f804272aca5708980f4be5c54309665ce5957a32889f2fd0dbefe33422
739ab1cbd5fc795c806cfbc012e937834a1d566f02ed72ff02af2700c0629eb4
748e28bf532fda95f623d36c2de4916a7f3dff7523cf629b1f66ad38cb04589b
755a01eec8795b0a1da225a9ff7d1b1abc5f384c888a3200021b9fe982f879e7
75d3fc2d1bb048b9d696f3c00f22304c2710f1d238920628a07f7931f03742ea
75dbdb37e79ca1ed66ea999293551621861caacad4ee10b516a517d2389f6e52
75e287fc9066136b17e226559ca8a0ecbf0488623a685f7061ee359e2bb430a9
769489934e4f9ab755864c795fa5b7fd4b06833c8d54538dfa4d2957347698d0
7694f2ba6cd5fa09052e478696bbe42396ba2d25f81490bd127798afec9ff7da
7837e8e709d4bf08babcffa67d8ad320e49d53a381d35a9f7fe3f2874862cb61
7adcc40384bdf60767132af52e61348f2b13520ee1802b18d4cba5ea884e3277
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
80e71f1e8777c9885d3939f526aa204e26d7187549d0925cb9e3c2b05254cddb
8142565934796eda886ac19cca5493d92d1470793c3315509b32cb37aa96dd20
81af44253dea93bc39b7f887f04e3d61bed840c4965d7a9f04ddfb138473b3a8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
837f284a9e53efe321d8e8fd0b75a9a5424ec157302027697d0bc81af005fe11
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8578ba646e27432ebb8a0d60a2abe221cf2a160050e56f8f714a6122cf9b93cb
859faa9b9ed0990288b2f393a102b1fe2668ac79088b113b6f0beaee521221eb
86441c9a21f4c77dcbb2a4f020d904179f15c8e9b35f3f85d5d053ee62c13232
878de693fd93ef8ab6fff76a5da9e7ef9ff193c9395a3fd1eecc3edb4222db2c
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c631ce71c59ed2cc5703b63b9fb59c4bc6d94b9557b77adc8b35b0842b67997
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8db22950b3f47f686f4bad6b6d21386f03a4b0b24320c6715436424e41dcda09
8e4d950b8337b1910aac41b57d623944d6ab80dadeb716a8f70497f4bdd2f955
8edaef698e025c37ba9e8d632a895d7252c62251df3f095d5cff17b6f3304854
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
90fb7f486363baac11225c229b7c82176fc1cb6549cae16dcb3e6e41a29857de
922bf8980629432ac8d97c31c24b90724798b5df09d1e17834dbe7fa8939925c
92492a41ed7dbc02f64b8f399adef0bc87063f9011ea0dcf397d19a8d484bfa7
931016497e6052a58cdcccf8bb7975f3a75840745a5ff9de0aed13b675fdf32c
94f7bcdcf91a285548bbc87fbc30fc715dac94718c95f3d898b5d4db9087307e
970f69745617bc0445d87d843fc2b31dffa7e103bb39ac4ef865016c331069ce
97f5070aadd9475bb56a49a7bc1114e9fe1b992b55f2b227502f35f8bba71d74
986d04c80e35c1338100cc1f9677b6d4e4ded885a346649ebf3393ef038d8283
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
9dfda727195f3ef7756927a566238d0485f679c287a4afad15ddfb9a3c70db53
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a07442ff972b2d6eb0220d6b1a859fd116bd65c4c13ec3bf4d16962b32d3a043
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1b000b433199bfd60632e61b74bb2c4abd074dce072784e7acd55b1e4158cee
a1dab8645bae3e94528e0ae6a71a17680d1f4dda4e2b89cf11f0f3ce12819772
a24717eb0eaff7c9e26429de43ede6e5b69bfe5471323719a563fdab55e556bd
a26b67d8e158c37ce4f75b64a1447e215b77c6a767fabc7007da3006c437948a
a355508d811ac666d1b61e566f7f1daf5d39b8915c036b271f14a4cfb9247ac3
a3ccf75b921172cd2e67af3a1a09b49efdce7c58160b33bcdb912038b840b155
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4faa4dc80d0088b78b840b99d3777f205f79e3d3f493be7e82033204e9ac408
a5c3468cbba69da187232de5b23091686aa29ca9e466f6856a3c6ae947e8028c
a5d64964e1684ede0dce5b0c56f1aad6f526dcb18a4cfe18cae01a055a253fa4
a6bad99c8663d39406e5fbc1ecde4e6cdb8ee6ef207f00af134ba9146a233c03
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9d2b2df99c1a115d5394c70a898d8801092208dc582f8bd6fb01b35c30d6b22
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ae00ae9c862bc8b8923efd1d9a18befa912678a869d4dd01179a59ed3de731be
ae91d2f575b0e780c420bdbe43e162c0339164a0095f437431ea1ff3fa910147
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1f863d13dbad7d5240f577a73b47b06227d218909259042da95301e2eb8be55
b2f1f081cbe8e2d70b175f0cbbd8313632a83211d6dfad0997994fe8ed87667a
b3bc6db4f7960414ed8f4eaa017bf41429d0cdc59c765778de2f3df954aa8de5
b47bf3b41f7dc0e331f0c9b93e7c6d7886e9463de0b15a42bbb8cdcbcd8835d1
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
b600ec7744875a611e9eb9378b5b91e050ae648d03e150a68c054ebdafba2d05
b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1
b72cc85132e6fb7b97ef26e61fb81355c37537b807bbe77ccb9197e461d0bd38
b7aa775f5accfbb06e95737f495b8377640a6edf0e96244cdef27a076d21d5ad
b813e47b551a74f55e504ad2e4a7fdb97ee55a9497486ffa61f4dfc34e6fd338
b84982d7606f3998699ea227e600f289754487cd8a63c785d3de364cfd327706
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb66dbe2867f4bd08186615c104fefef105858870dd23550d3fd33100115f4e9
bbfd30e5fd2bd475d319b5b55ab61469966d1517b703f9bd830a6f3207387c27
bc7731959f24eb86dc0127adfa88c91e71d68b5a0c958dae09aab1b34438256c
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
be3ba2f86654b73dda7d39ed448c90628092498372215fffe2281e0b587a62dc
be75e8916a82d52a33b49d74dcf2a59eb9c9a6c13aed5e932d92ed0a28df37c5
bffa86005fdfb2ababfb3feadec77ad7f45d20d4eb153b6e4d78ccb3ef6b975a
c039a025234d70fb173a63e7354c0a1b6fed3f7c61953903bbafb68289c80d8c
c144dfdf12c4fb5520be9acbf56669fa59cac648cac1d659821d8e0c4ec11a20
c17dfcc26d6ed3cc1d800c120b100cc7bcbf03ea1a9c72d8aeadfe9b41d49b2a
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3489cd46697dc041f906d0fa9c4932d0a032693a12a366323ce651184dacc22
c394ae4c2841ba7dcabdfe8adfbd3723e34425e2983bb9ce198af2ab382f1a6b
c623c1bfe44fceb2a26d2d81ebb725e2475fa2037b6401548fa830c13ff100ea
c705be2f9505e19cfd1a3b65f93612b661f625a1ecd7dfdb5681b1e3243eb9ba
c8c03fd4dea0f2c83fa05b10dfd913bfcff51d05e0c6e84b7f340b857fdda517
c8dd1e23a5f23ccb19bdaea981242d126f2a1f17cb51583b9c150a23f931569b
c991a9ee49b9501cd48bd4dae61f721f2981dd2165209cdfb4f4b9074fd60062
ca0b9ebf6f910e797bffd31429eb858b2424380437d9b628ac1c622001c069c7
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cd3767c9daaaaf6b31ba6dd8821d1cf09594ffdddb05a60b81d960aa4e2f44e9
cd6e5e14b0fbe3d80e4f8f8102bd895fb8fe9466e32fbb53901b276e54feac66
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d01d5f1ac0426fecc9370f28dff65f2f08011479bf12e29f8edaa09724805301
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d4d649db2848c978c607f7f588bfa065d8bd8ae6d0b3b44b0ee53aece005e6c5
d62a7b7ec5313469ebff5c006b9068dc44d6d1c122cf787ffa29a10113b34060
d6daf8d887f08f8222a3c2745cd7def8f2701e13e639cc3ee6563a17c018cf40
d7e1a1e5c5ca043b1bde1bdaebcb8cff11727d16f428d52d976be5f496f18882
d82bffed6b2bb321a98dbf0c4128f57653ed567cfccbdd8f19373d9666bb3c63
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
db3687a4faddad63843209e90b44c01a27c81c9637d69a9f81391d1e4f968393
dbc9316e92a0d59ae84e0e4b37c3c111a30a34267760b3461ac8181fdbec5487
dc9ea7b89a3442a6912131c421c429c900b18706f13d3de29f01dc75b154cc00
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185
dea365e6d3463e4a662b2f166142c912105b01ebb61b568089e042dc34659f2c
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
dfbe38f74deaf784d558b56bdc41a38079debc4541928ef783ed86b3fad5adcd
e113bbf936d67e0965466f5437903526053912d6ab0b901de4310df791846fc4
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
e34f3c96e1eae99e2fc8b8f0c8f608bf3d8822872bf36246c4360a024a8527d5
e39f04c0c38a5d1a12dc6e3696cb9747c77d2bf3b5406c4d85a57ff8ab5d08df
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4058d4ee9da1ceaddfa91ddb63650ba67285f1bbfee487d9dfe648bced669a0
e507869013d15dfdbcc6cedb081b5cb344405dbd1ad6385c6dcb939ec917cfa2
e5468112933b663f6a84084845c0264056f805300bfe046db490491dacabb76b
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e950f047b72b2e9a986a7d140b74d09a651472a991e200ecd268a13a95d1a405
e9d9a334915ac295b5c5ab44ad7bb02dbe94997786ffe7f57a2534a7d4eb85ec
eb04b94656de1350a1fe252e640d692b44f9501188d48c01884d6962bea38913
eb6883bc39782219d9eb3868c4e21acbdf949cc1a13bd35fb86bcb447488a977
ebf7729bbbad2de321e50de6f30ae0a5c613fdbbebb3b2015a2f8435409c5abb
ed6cc3e4d411248d84eed9acc1d13ad3fd98396734464cf07173588aeb9d02aa
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef447194c4f88706e59e91d4dd03aa925cd6f5d30ae87b863c8fe282153c2fbc
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8
f1889e8a137f391ba851428e0295405b8eaa509beec8d56ec72b05bc3f5419d6
f2af2e1b535d63c846d1f2b38e65f7137c40a191a252de53def51b3b34e9a4fc
f3d66b78ca0c93adf48dec8533da3c4db538cc648dc60e383d5fd0b666859206
f4b064d961dd5c30917481f9cf22f400d352737e7dac10d70e574877eef1e8ea
f534688ea80623a941e893c7f75e42c0c39d2ce39b8a34c1a0519aa2d2aa72c4
f75166e3f70100b65a6ce1d4128bc15286e92b19a546fa7709f739e9bcfe52c6
f8a2b5b62eb722c3379b30cf0cc58d3176ee6be48036d6ad2aa838d2029c4189
facb3d8be1db6c30f049b33e4b52d4b85232b84cbba9694b2f23de5efbdbf99c
fae9bd680f8151d137ce5e01cba4db77064e7b5f9584533e8e47dd849e475fc9
fb3b069d0fedffb1837cee85cb7eaef62742d71889b8b0d3d29bca84d0d3aec5
fb994cbfd9bacda685942e9ccbb54503e966ed52fc17c93ddb6803ed845e321a
fbd97a2d470259e0d42fe6244edf94444a4a2fdbf0ee308633803413c1df9926
fc135b5c172643eaaa8a4bb4a7951d8dd419f5e760c0dfbd74b94f71dc48abd6
fd46d0b2217d4f4c0c1ad78f040fe4291c9271e0675d250494e533e7f9311b00
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

threatpost.com Open in urlscan Pro 35.173.160.135 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

635 Requests

84 %HTTPS

27 %IPv6

99 Domains

177 Subdomains

123 IPs

12 Countries

9200 kBTransfer

17849 kBSize

134 Cookies

10 Outgoing links

Page URL History

Redirected requests

635 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

threatpost.com Open in urlscan Pro
35.173.160.135 Public Scan

Screenshot
Live screenshot

Full Image

635
Requests

84 %
HTTPS

27 %
IPv6

99
Domains

177
Subdomains

123
IPs

12
Countries

9200 kB
Transfer

17849 kB
Size

134
Cookies

635 HTTP transactions
4 data transactions