www.zdnet.com Open in urlscan Pro
2a04:4e42:4d::666 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
Submission: On February 23 via api (February 23rd 2022, 6:26:45 pm UTC) from US — Scanned from DE

Summary HTTP 241 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 39 IPs in 6 countries across 27 domains to perform 241 HTTP transactions. The main IP is 2a04:4e42:4d::666, located in United States and belongs to FASTLY, US. The main domain is www.zdnet.com. The Cisco Umbrella rank of the primary domain is 54878.
TLS certificate: Issued by R3 on December 25th 2021. Valid for: 3 months.

This is the only time www.zdnet.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
21	2a04:4e42:4d:... 2a04:4e42:4d::666	54113 (FASTLY) (FASTLY)
5	2606:4700::68... 2606:4700::6810:9440	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a02:26f0:710... 2a02:26f0:7100:59a::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a06:98c1:312... 2a06:98c1:3121::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6814:b944	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	151.101.130.154 151.101.130.154	54113 (FASTLY) (FASTLY)
1	34.120.203.121 34.120.203.121	15169 (GOOGLE) (GOOGLE)
2	54.156.82.16 54.156.82.16	14618 (AMAZON-AES) (AMAZON-AES)
2	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.65.194 151.101.65.194	54113 (FASTLY) (FASTLY)
25	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
3	99.86.4.6 99.86.4.6	16509 (AMAZON-02) (AMAZON-02)
8	184.87.213.172 184.87.213.172	16625 (AKAMAI-AS) (AKAMAI-AS)
14	34.206.8.109 34.206.8.109	14618 (AMAZON-AES) (AMAZON-AES)
2	54.166.33.211 54.166.33.211	14618 (AMAZON-AES) (AMAZON-AES)
1	34.246.74.180 34.246.74.180	16509 (AMAZON-02) (AMAZON-02)
2	52.31.222.185 52.31.222.185	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:710... 2a02:26f0:7100:199::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
25	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	162.247.243.146 162.247.243.146	13335 (CLOUDFLAR...) (CLOUDFLARENET)
35	104.85.1.154 104.85.1.154	16625 (AKAMAI-AS) (AKAMAI-AS)
15	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
4	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
1 2	2.16.107.194 2.16.107.194	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	2a03:5f80:a::... 2a03:5f80:a::b212:e7d0	50952 (DATAIX-AS...) (DATAIX-AS Peering Ltd.)
1	2a03:5f80:a::... 2a03:5f80:a::b212:e7c1	50952 (DATAIX-AS...) (DATAIX-AS Peering Ltd.)
4	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	18.195.177.132 18.195.177.132	16509 (AMAZON-02) (AMAZON-02)
3 4	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
2 4	104.85.0.246 104.85.0.246	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	37.252.172.250 37.252.172.250	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
17	104.107.161.172 104.107.161.172	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
241	39

21 2a04:4e42:4d::666 (United States)

ASN54113 (FASTLY, US)

www.zdnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:7100:59a::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)

static.myfinance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b944 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.130.154 (United States)

ASN54113 (FASTLY, US)

at.adtech.redventures.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.203.121 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 121.203.120.34.bc.googleusercontent.com

urs.zdnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.156.82.16 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-82-16.compute-1.amazonaws.com

a.myfidevs.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)

www.myfinance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.194 (United States)

ASN54113 (FASTLY, US)

confiant-integrations.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.4.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-6.fra6.r.cloudfront.net

cdn.cohesionapps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 184.87.213.172 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a184-87-213-172.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 34.206.8.109 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-8-109.compute-1.amazonaws.com

ingest.make.rvapps.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.166.33.211 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-166-33-211.compute-1.amazonaws.com

taggy.cohesionapps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.246.74.180 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-74-180.eu-west-1.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.31.222.185 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-222-185.eu-west-1.compute.amazonaws.com

geo.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:7100:199::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

02179913.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

01847585da75c10ab0b5882f9e077fa2.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d86fbcb09213a5e4a283a0278b26b5b4.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.243.146 (United States)

ASN13335 (CLOUDFLARENET, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 104.85.1.154 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-85-1-154.deploy.static.akamaitechnologies.com

px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.107.194 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-107-194.deploy.static.akamaitechnologies.com

trial-eum-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
xhkzxjiccbv4eyqwprpq-pmveju-22b4b62e0-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:5f80:a::b212:e7d0 (Russian Federation) 1 redirects

ASN50952 (DATAIX-AS Peering Ltd., RU)

trial-eum-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:5f80:a::b212:e7c1 (Russian Federation)

ASN50952 (DATAIX-AS Peering Ltd., RU)

fibrwiaaa3ybckqdl6aaacqaabrbm7c7-pmveju-da0b29dc2-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.177.132 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-177-132.eu-central-1.compute.amazonaws.com

protected-by.clarium.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.85.0.246 (Amsterdam, Netherlands) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-85-0-246.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.250 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 104.107.161.172 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-107-161-172.deploy.static.akamaitechnologies.com

redventuresgamheader644747280705.s.moatpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
redventuresgamdisplay60805146916.s.moatpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	moatads.com z.moatads.com — Cisco Umbrella Rank: 330 mb.moatads.com — Cisco Umbrella Rank: 567 geo.moatads.com — Cisco Umbrella Rank: 588 px.moatads.com — Cisco Umbrella Rank: 390	864 KB
39	googlesyndication.com 01847585da75c10ab0b5882f9e077fa2.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 92 tpc.googlesyndication.com — Cisco Umbrella Rank: 120 d86fbcb09213a5e4a283a0278b26b5b4.safeframe.googlesyndication.com	228 KB
29	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276 googleads.g.doubleclick.net — Cisco Umbrella Rank: 37 cm.g.doubleclick.net — Cisco Umbrella Rank: 175	417 KB
22	zdnet.com www.zdnet.com — Cisco Umbrella Rank: 54878 urs.zdnet.com — Cisco Umbrella Rank: 171857	383 KB
19	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 246	282 KB
17	moatpixel.com redventuresgamheader644747280705.s.moatpixel.com — Cisco Umbrella Rank: 41748 redventuresgamdisplay60805146916.s.moatpixel.com — Cisco Umbrella Rank: 28562	4 KB
14	rvapps.io ingest.make.rvapps.io — Cisco Umbrella Rank: 11994	2 KB
7	google.com adservice.google.com — Cisco Umbrella Rank: 59 www.google.com — Cisco Umbrella Rank: 2	2 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 146	227 KB
5	cohesionapps.com cdn.cohesionapps.com — Cisco Umbrella Rank: 10279 taggy.cohesionapps.com — Cisco Umbrella Rank: 29732	34 KB
5	myfinance.com static.myfinance.com — Cisco Umbrella Rank: 10909 www.myfinance.com — Cisco Umbrella Rank: 10216	67 KB
5	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 443	116 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 488	4 KB
4	akamaihd.net 2 redirects trial-eum-clientnsv4-s.akamaihd.net — Cisco Umbrella Rank: 1865 xhkzxjiccbv4eyqwprpq-pmveju-22b4b62e0-clientnsv4-s.akamaihd.net trial-eum-clienttons-s.akamaihd.net — Cisco Umbrella Rank: 1862 fibrwiaaa3ybckqdl6aaacqaabrbm7c7-pmveju-da0b29dc2-clienttons-s.akamaihd.net	1 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 210	3 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 9027	1 KB
3	redventures.io at.adtech.redventures.io — Cisco Umbrella Rank: 22877	150 KB
3	go-mpulse.net c.go-mpulse.net — Cisco Umbrella Rank: 549	52 KB
2	gstatic.com fonts.gstatic.com	58 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
2	nr-data.net bam-cell.nr-data.net — Cisco Umbrella Rank: 311	1 KB
2	akstat.io 02179913.akstat.io — Cisco Umbrella Rank: 51425	708 B
2	fastly.net confiant-integrations.global.ssl.fastly.net — Cisco Umbrella Rank: 1485	100 KB
2	myfidevs.io a.myfidevs.io — Cisco Umbrella Rank: 11675	166 B
1	clarium.io protected-by.clarium.io — Cisco Umbrella Rank: 1750	345 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 306	18 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 709	461 B
241	27

	Domain	Requested by
35	px.moatads.com
21	pagead2.googlesyndication.com	www.zdnet.com 01847585da75c10ab0b5882f9e077fa2.safeframe.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net www.googletagservices.com
21	www.zdnet.com	www.zdnet.com
19	s0.2mdn.net	www.zdnet.com s0.2mdn.net
19	securepubads.g.doubleclick.net	www.zdnet.com www.googletagservices.com securepubads.g.doubleclick.net
15	tpc.googlesyndication.com	www.zdnet.com tpc.googlesyndication.com 01847585da75c10ab0b5882f9e077fa2.safeframe.googlesyndication.com securepubads.g.doubleclick.net
14	ingest.make.rvapps.io	www.zdnet.com
12	redventuresgamdisplay60805146916.s.moatpixel.com
8	z.moatads.com	www.zdnet.com s0.2mdn.net securepubads.g.doubleclick.net
6	www.googletagservices.com	www.zdnet.com 01847585da75c10ab0b5882f9e077fa2.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5	redventuresgamheader644747280705.s.moatpixel.com
5	cdn.cookielaw.org	www.zdnet.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	www.google.com	www.zdnet.com 01847585da75c10ab0b5882f9e077fa2.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
4	googleads4.g.doubleclick.net	www.zdnet.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	adservice.google.com	www.zdnet.com securepubads.g.doubleclick.net
3	adservice.google.de	www.zdnet.com securepubads.g.doubleclick.net
3	cdn.cohesionapps.com	www.zdnet.com cdn.cohesionapps.com
3	at.adtech.redventures.io	www.zdnet.com
3	static.myfinance.com	www.zdnet.com
3	c.go-mpulse.net	www.zdnet.com c.go-mpulse.net
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	s0.2mdn.net
2	googleads.g.doubleclick.net	01847585da75c10ab0b5882f9e077fa2.safeframe.googlesyndication.com www.zdnet.com
2	bam-cell.nr-data.net	www.zdnet.com
2	01847585da75c10ab0b5882f9e077fa2.safeframe.googlesyndication.com	www.zdnet.com
2	02179913.akstat.io	www.zdnet.com c.go-mpulse.net
2	geo.moatads.com	z.moatads.com
2	taggy.cohesionapps.com	www.zdnet.com
2	confiant-integrations.global.ssl.fastly.net	www.zdnet.com
2	www.myfinance.com	www.zdnet.com
2	a.myfidevs.io	www.zdnet.com
1	d86fbcb09213a5e4a283a0278b26b5b4.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	protected-by.clarium.io	01847585da75c10ab0b5882f9e077fa2.safeframe.googlesyndication.com
1	fibrwiaaa3ybckqdl6aaacqaabrbm7c7-pmveju-da0b29dc2-clienttons-s.akamaihd.net
1	trial-eum-clienttons-s.akamaihd.net	1 redirects
1	xhkzxjiccbv4eyqwprpq-pmveju-22b4b62e0-clientnsv4-s.akamaihd.net
1	trial-eum-clientnsv4-s.akamaihd.net	1 redirects
1	js-agent.newrelic.com	www.zdnet.com
1	mb.moatads.com	z.moatads.com
1	urs.zdnet.com	www.zdnet.com
1	geolocation.onetrust.com	www.zdnet.com
241	44

This site contains links to these domains. Also see Links.

Domain
www.zdnet.fr
www.zdnet.de
www.zdnet.co.kr
japan.zdnet.com
jetpack.com
wordpress.org
updraftplus.com
www.wordfence.com
redventures.com
www.facebook.com
twitter.com
www.linkedin.com
www.youtube.com
narratives.zdnet.com
privacyportal.onetrust.com
support.zdnet.com
academy.zdnet.com

Subject Issuer	Validity	Valid
*.zdnet.com R3	`2021-12-25` - `2022-03-25`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
akstat.io DigiCert SHA2 Secure Server CA	`2021-06-08` - `2022-06-13`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-18` - `2022-06-17`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-01-12` - `2023-01-12`	a year	crt.sh
at.adtech.redventures.io R3	`2022-02-02` - `2022-05-03`	3 months	crt.sh
*.myfidevs.io Amazon	`2021-12-07` - `2023-01-04`	a year	crt.sh
*.freetls.fastly.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-27` - `2022-05-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
cdn.cohesionapps.com Amazon	`2021-12-17` - `2023-01-14`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
ingest.make.rvapps.io Amazon	`2021-09-26` - `2022-10-24`	a year	crt.sh
*.taggy.cohesionapps.com Amazon	`2022-01-28` - `2023-02-26`	a year	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-25` - `2022-06-25`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
protected-by.clarium.io Gandi Standard SSL CA 2	`2020-04-03` - `2022-04-26`	2 years	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh

This page contains 22 frames:

Primary Page: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
Frame ID: FDD2492A01CBB2E535F39EB34D241727
Requests: 126 HTTP requests in this frame

Frame: https://c.go-mpulse.net/boomerang/YZ2TK-PC7PJ-K64DL-L53CR-P2G4E
Frame ID: 210DA866720821F3BF6BEF289AF24B7B
Requests: 4 HTTP requests in this frame

Frame: https://cdn.cohesionapps.com/cohesion/xs2.html
Frame ID: EBBA4A6CCC992440D37754FA2B62AEF1
Requests: 2 HTTP requests in this frame

Frame: https://01847585da75c10ab0b5882f9e077fa2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F8E3685E9207DCB6839EAE4DE2C4475C
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstDPv8s9tVxUIiDeQasxIn29PUyky-w4fIjhhNO60NDc1kOjxNlXKkW1-keYsmApuuvr7ort2Y0EE1tTkXKndp2vML3sAAAZOQ2B-vXtHKEL023bGRrMRZFPbUgq-EwmpnAkLP6Rpw-e1W7Ut0N8tN1CCPUYK4DOOmrEt2tako-cvpVm7bn9-vLf-wHpPmtH3rD6UaVv1rYn7TMNH5w6_GYa355zk-hBpN8e3laq7jLeQX9cTQoNiC0dqSiYlm3sZ5MNgUvB-E9QlVIfEXV1qDHK_9rZenaBZPiEkrg_HPhgftp1PYgnNRiz7C3N8vearPDS7VFYQZwbi8Bf9Y&sai=AMfl-YQT-dBtXyStTMqQXXDL0SlZ_SwHH5VsKjwcS_wfZ_iHh8Ia6zoWQJZfCQ2u5fqg6SsI9rNS9mLaHBNAgjRqbtEBNbq7aE4xiMXI5UKSZGPM5EsmnUTbAD_rxdbPQUk&sig=Cg0ArKJSzFc-5fHmcZKGEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 239383034E43110EB72CCD5E0056ED84
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu3OzCsnPSnpSRC4OJJdOhRF8pyNmTuI174ZF05E8lAhoMKKDfDbGrf3AYkgrlkZtrWkGmCgX9K2_SnRhqFwjeNatQlqeH-VFgz98kbcdbINulI5pxf3J3PFNzIYmt72mNMGz8Wa6YOP7jdETJY0ELGCfdrl5qNDLZjA0JFwLyps8FqkW43YytUZg9_pPZh8EJvsb6sZlleMWm2UzdVQllcZ_wq5m167RUeKLrAeeXehyx8-548qt9aDFSAtuOgtv1g1t0_KYu04wZHGme8cy4vx-S8Q0zEr8jpJEuBGRiyRwNHJHW3O47gTMYQyefkPEzdFbi3V4TkcPg&sig=Cg0ArKJSzEZhDFkINLKXEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: C5D47FA822E8646B1C44F4C2D53B1A9D
Requests: 14 HTTP requests in this frame

Frame: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstR3ts0IP_inrKHwNHnNY_MeZavfDdLXQVCJ0ADbHngbvXzraY8E8Xpr4gKMOkkHQcJcTQc2KfeHWQwQZEOVLeW393oUrkQhBftonTeHaCSds89kmDXneiDaLwCO9NtW0ztc5i4cUMrlm7CuZFEmmDhUuuROdb1dcyiLhsp3uessZAcDIozOY23WvZABP-qD2xrUQnQvXdEjvauuC_6Kkwf5SiiTy0dV7PEaItZraYmhZDdAzjV2WQ-iXxvO5S4THY8DkvbPIkV7AooLnU0NrlQjKuFmkmy7AbFe64ACsoFnAnBQZrd6Sud2hwDl2syA5W_aB455fxbqQRYRd7Qtj6lHJTv-FppPZRsWsiiANcT1_dJKJS350Ba8NFEwN5epT7BTp5aaA&sai=AMfl-YQ2L59dbYDel4QUQwbSrHlWwGkXLjXgoD23r1o9qYQEngrLUSqi7FufOfloXmfbF6QHjrnzoW71tq_kfSmGsq0zDm7T0hqTjQoOioGweOeHljUpO_rsb_ZMZBsNGgBm&sig=Cg0ArKJSzCiCg-n2HyNREAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Frame ID: F1EFDA164E47FAEA6D2928C86B8C3137
Requests: 9 HTTP requests in this frame

Frame: https://01847585da75c10ab0b5882f9e077fa2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E374D5AD54B751FA1F0D666FF4642F5B
Requests: 16 HTTP requests in this frame

Frame: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss_fQ0jYx2LANlyScCstiNCgYagMjooC6UFiyZlz0yZ9zUPWJ91Z6mJU17dTkpzbQ7cQh4qS0SOLuYoB9sH5J9e2y0PBQgsfnNLnT6Vly6Nl44s9apSO1-Tpi5uzLRUlgZJ69JQHpfSnzYoY231dVThjeWOF8ZPSR_XJoZq5n2LdHxhtztCnW_LxRp6ewk4zkxfPEOwXOPUxMHaNesyPQ-pk6nvai05-eICMmbatygXL6YycGEnW-VBDuYJ7OrCeJKDPXli_QttaxMbeiWfIVA5FKcQiog-7Xk35vT6QJ9RdufYTmc234WRQ8BdyED4eF46ubTs8ZmTKTZhFYgZB5CcGBQ703m02bf86NbusJxdg-WFUOlVYyF1Vh6PJvrlb7HFEpydkA&sai=AMfl-YRxhFU8HuDHP3TIS4GLl0SyTc6TD9Zv_GO5uAvbglWY76-9lVb0FZUHiemsPcnoNwYDyuAsZCUFtetpW1roLTvI3w21q2yyO4oczn4IlZpLG8GRsP6JkFgJ1P7tHhTb&sig=Cg0ArKJSzHAVMuQrzIa7EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Frame ID: 2D9F6DFC883F360E00F3088852576C8C
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1E72DBA077025FECDC50881A564F3600
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1245F54F550246EA4CFD2D7826881ACC
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: EE00F9EF422A29769342E50C4FB987FC
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQh8Wh4QEYnNTmvQEwAQ&v=APEucNU0uXFxiN1bopQPEjpQi_LUM53AuViMGKtHC_8t5lNtGnItp5lFvRewuCxCAIAn0WuknnnN9OKcw5pA2zCTHyu8zDWnGyzJf7weg9uOUMrA9O2R1R3yDkBfyHAfEHYvRbomJtJyY57lQHAkSks5uBeGURKwTA
Frame ID: A6D78C963030574D17D531960EECBB5E
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: FD27D4AC47CD8D58A144866C64F186C2
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/11581985/1642030774101/index.html
Frame ID: A2F99BC280CC1AD435A8EF07C8644CF7
Requests: 7 HTTP requests in this frame

Frame: https://s0.2mdn.net/11581985/1642030774101/index.html
Frame ID: 6C203B554BF0D1D4E9858543D839497A
Requests: 7 HTTP requests in this frame

Frame: https://d86fbcb09213a5e4a283a0278b26b5b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: D7543B8D6E7F3BEB92410651020351F8
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10113551157518786109/index.html
Frame ID: D9D204B71BF63DDE3726798B80C86179
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst84AyEQrTUXQ6QYfwQTZsO7W3-o9U8WBmJAVR2FYpqqSrVsv_Qt9C649keW7aWKXO0GRk1lePalnwAJSUMV6upi7vI4_Oj1-YnCLEMvnzu0kxhM1OfV0N1o34uN0kp6J2WZ23HG-FT5A5ikSA-4aIaPUrVjZNGt1agyoMHNgfHxb6rzqzohL7y0kZ9gbiMBF0GK78gE_h4_2QLochej6oKFazBfwRl9rhL6ff0nCOsWfsbZcjm3wtM5l1lpi9zODMDVKxVECG1t1pJmjFoGA-TDJngxh29pmmbuktE8r-yQ6fCYcRodg&sig=Cg0ArKJSzNP3NelWiwT4EAE&uach_m=[UACH]&adurl=
Frame ID: 35B45137B7CA81433C79EFC90808C37F
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8087622AC634C41263B933C010C72AB8
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 324D0F1E20EDF4AC46518BE3A3E9D3C1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 54C81558FD4ADDEEDEACBABCD716A7F8
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Vulnerability found in WordPress plugin with over 3 million installations | ZDNet

Detected technologies

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Page Statistics

241
Requests

97 %
HTTPS

46 %
IPv6

27
Domains

44
Subdomains

39
IPs

6
Countries

3014 kB
Transfer

9003 kB
Size

35
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://www.zdnet.fr/
Title: ZDNet France

Search URL Search Domain Scan URL

URL: https://www.zdnet.de/
Title: ZDNet Germany

Search URL Search Domain Scan URL

URL: https://www.zdnet.co.kr/
Title: ZDNet Korea

Search URL Search Domain Scan URL

URL: https://japan.zdnet.com/
Title: ZDNet Japan

Search URL Search Domain Scan URL

URL: https://jetpack.com/2022/02/17/severe-vulnerability-fixed-in-updraftplus-1-22-3/
Title: said

Search URL Search Domain Scan URL

URL: https://wordpress.org/plugins/updraftplus/
Title: plugin

Search URL Search Domain Scan URL

URL: https://updraftplus.com/updraftplus-security-release-1-22-3-2-22-3/
Title: said

Search URL Search Domain Scan URL

URL: https://www.wordfence.com/blog/2022/02/vulnerability-in-updraftplus-allowed-subscribers-to-download-sensitive-backups/
Title: blog post

Search URL Search Domain Scan URL

URL: https://redventures.com/CMG-terms-of-use.html
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://redventures.com/privacy-policy.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ZDNet/

Search URL Search Domain Scan URL

URL: https://twitter.com/zdnet

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/zdnet-com

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCr9QWb5RKLfaunjKHJZAdQQ

Search URL Search Domain Scan URL

URL: http://narratives.zdnet.com/
Title: Sponsored Narratives

Search URL Search Domain Scan URL

URL: https://privacyportal.onetrust.com/webform/79ba7c84-ebc2-4740-8d11-bf1cc4501e59/ae88e03f-2b16-4276-9980-27124ba4b2c1
Title: Do Not Sell My Information

Search URL Search Domain Scan URL

URL: https://support.zdnet.com/
Title: Site Assistance

Search URL Search Domain Scan URL

URL: https://academy.zdnet.com/
Title: ZDNet Academy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 100

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pmvejurkt HTTP 302
https://xhkzxjiccbv4eyqwprpq-pmveju-22b4b62e0-clientnsv4-s.akamaihd.net/eum/results.txt

Request Chain 101

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pmvejurkt HTTP 302
https://fibrwiaaa3ybckqdl6aaacqaabrbm7c7-pmveju-da0b29dc2-clienttons-s.akamaihd.net/eum/results.txt

Request Chain 138

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEACPRwSgg6ca3RR0Gx8zAYs&google_cver=1

Request Chain 139

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YhZ8XwDrcEOJpIywHmrW1gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEACPRwSgg6ca3RR0Gx8zAYs&google_cver=1

Request Chain 140

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEMDCumtqLmxXfjDuAoZ93FU&google_cver=1

Request Chain 141

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTcyNDkwMTI3Mzk3NTI3NDgx

241 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/ 286 KB
97 KB 268ms
122ms Document
text/html 2a04:4e42:4d::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4d::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3fa79fbb07dbab48edb1f44dad67d6df9f0e0f6e820e6877c86d83b60c3c1863

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .zdnet.com .ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-security-policy: frame-ancestors 'self' *.zdnet.com *.ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
content-type: text/html; charset=UTF-8
expect-ct: max-age=0, report-uri="https://7a8f8748a40805618a61b617481a6ebc.report-uri.com/r/d/ct/reportOnly"
last-modified: Wed, 23 Feb 2022 18:05:00 GMT
link: <https://www.zdnet.com/a/fly/css/core/main-bd79b42581-rev.css>; rel="preload"; as="style"; nopush
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-tx-id: 1905baba-46a1-414c-8e71-42ae3f20d38b
x-xss-protection: 1; mode=block
date: Wed, 23 Feb 2022 18:26:37 GMT
via: 1.1 varnish
cache-control: max-age=5400, private
expires: Wed, 23 Feb 2022 19:35:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
content-length: 98035

GET
H2 200 main-bd79b42581-rev.css
www.zdnet.com/a/fly/css/core/ 311 KB
54 KB 11ms
11ms Stylesheet
text/css 2a04:4e42:4d::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/a/fly/css/core/main-bd79b42581-rev.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4d::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

cf10bcbc2156c4908bf62af9b648d460c61c7d9196a34db7aeb485353424b2b6

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 18:26:37 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept
content-length: 54539
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Feb 2022 15:46:41 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "19dd6a12be850d16b4864d887f646e48"
strict-transport-security: max-age=31536000
content-type: text/css
via: 1.1 varnish
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Mar 2022 15:48:00 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 19 KB
7 KB 56ms
31ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

134482ec36c8980c2c7a3f2454c76546abcd612c9ae596d011251a7cd1d0fcbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 23 Feb 2022 18:26:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: zadN1tnUFXNBOXe6vsJdDg==
age: 9596
vary: Accept-Encoding
content-length: 6456
x-ms-lease-status: unlocked
last-modified: Tue, 22 Feb 2022 07:35:54 GMT
server: cloudflare
etag: 0x8D9F5D5F5C3F550
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 645f2fb5-701e-0112-41c0-27aaaf000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6e2280ea1a478fe9-FRA

GET
H2 200 optanon-v1.1.0.js Show response
www.zdnet.com/a/privacy/optanon/ 36 KB
10 KB 8ms
7ms Script
application/javascript 2a04:4e42:4d::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/a/privacy/optanon/optanon-v1.1.0.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4d::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

a0a97a5a7dc2b30e9a76ff211332f36d435293c19ed91ca1ad6a66adc1dc50cd

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 18:26:37 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept
content-length: 10444
x-xss-protection: 1; mode=block
last-modified: Thu, 04 Mar 2021 19:22:21 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "46e2aa30cbebb708b5fc468d57d56d8b"
strict-transport-security: max-age=31536000
content-language: en
via: 1.1 varnish
cache-control: public, max-age=86400
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 04 Feb 2022 08:45:21 GMT

GET
H2 200 controls-3843814564-rev.css
www.zdnet.com/a/fly/css/video/htmlPlayerControls/ 25 KB
4 KB 8ms
7ms Stylesheet
text/css 2a04:4e42:4d::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/a/fly/css/video/htmlPlayerControls/controls-3843814564-rev.css

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4d::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

dec0ce43402242a33abf43eb63cef39e26dddff54fc853cb35d0297fc609109b

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 18:26:37 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept
content-length: 4313
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Feb 2022 15:46:41 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "6a037baec1a480904429652700b9fc21"
strict-transport-security: max-age=31536000
content-type: text/css
via: 1.1 varnish
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Mar 2022 15:48:00 GMT

GET
H/1.1 200
OK YZ2TK-PC7PJ-K64DL-L53CR-P2G4E Show response
c.go-mpulse.net/boomerang/ Frame 210D 205 KB
50 KB 41ms
11ms Script
application/javascript 2a02:26f0:7100:59a::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/boomerang/YZ2TK-PC7PJ-K64DL-L53CR-P2G4E
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:7100:59a::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Resource Optimizer /
Resource Hash: 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 23 Feb 2022 18:26:37 GMT
Content-Encoding: br
Last-Modified: Sun, 12 Dec 2021 17:26:57 GMT
Server: Akamai Resource Optimizer
Vary: Accept-Encoding
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800, s-maxage=604800
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 50393

GET
DATA 200
OK truncated
/ 31 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f3e2e0f12c5badfe408d69bf6c0fa9ce6247f9a45c849851a53b8647637cfcd0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfd272053c730cd470302af475eb401d9be41c81f0081c20d7910f6c12732c9d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95783bf43b78701a92daf5ec7268db97c7144599c774821126b8cc5396724bfa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 headshot-2.jpg
www.zdnet.com/a/img/resize/f0bbe46eb924a42c2089410d297965cfcf5caf8a/2019/10/28/e1751fe3-e83c-4bc5-b425-4f3cfa6f6748/ 534 B
746 B 111ms
111ms Image
image/webp 2a04:4e42:4d::666
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdnet.com/a/img/resize/f0bbe46eb924a42c2089410d297965cfcf5caf8a/2019/10/28/e1751fe3-e83c-4bc5-b425-4f3cfa6f6748/headshot-2.jpg?width=50&height=50&fit=crop&auto=webp

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4d::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

41b41054221f9790b0e811de4ce9cf3698de3ed02b2d6cabdfa854376a8e7f29

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 18:26:37 GMT
via: 1.1 varnish
fastly-io-info: ifsz=28670 idim=280x280 ifmt=jpeg ofsz=534 odim=50x50 ofmt=webp
x-goog-meta-x-goog-reserved-source-generation: 1588638183284258
fastly-stats: io=1
content-length: 534
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "ASGSLK85XXpNIGTAgCbLjFMZtz8RlF7NfXpOK1SgbVg"
vary: Accept-Encoding, Accept
strict-transport-security: max-age=31536000
content-language: en
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
content-type: image/webp
expires: Thu, 03 Feb 2022 00:30:04 GMT

GET
H2 200 headshot-2.jpg
www.zdnet.com/a/img/resize/3b698b059a0b6f3de3d965c35f085ecfb983f2be/2019/10/28/e1751fe3-e83c-4bc5-b425-4f3cfa6f6748/ 810 B
1 KB 111ms
110ms Image
image/webp 2a04:4e42:4d::666
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdnet.com/a/img/resize/3b698b059a0b6f3de3d965c35f085ecfb983f2be/2019/10/28/e1751fe3-e83c-4bc5-b425-4f3cfa6f6748/headshot-2.jpg?width=70&height=70&fit=crop&auto=webp

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4d::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

87e4be9904c7a7dc6b6631cd87aa836df597005621d5acf4557a4bcef4f9ecf1

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 18:26:37 GMT
via: 1.1 varnish
fastly-io-info: ifsz=28670 idim=280x280 ifmt=jpeg ofsz=810 odim=70x70 ofmt=webp
x-goog-meta-x-goog-reserved-source-generation: 1588638183284258
fastly-stats: io=1
content-length: 810
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "eYIGoeExSCrpcLWPZ8xn1EJxh8+WISUX1aPJa8OfSKM"
vary: Accept-Encoding, Accept
strict-transport-security: max-age=31536000
content-language: en
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
content-type: image/webp
expires: Mon, 24 Jan 2022 00:15:30 GMT

GET
H2 200 require-2.1.2.js Show response
www.zdnet.com/a/fly/js/libs/ 16 KB
6 KB 8ms
7ms Script
application/javascript 2a04:4e42:4d::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/a/fly/js/libs/require-2.1.2.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4d::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

a70d5b9ad136255942779acf94da5cc72316fde5c10c5e7707d6f1888f43dcb8

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 18:26:37 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept
content-length: 6169
x-xss-protection: 1; mode=block
last-modified: Mon, 21 Feb 2022 15:40:21 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "49dd571e124c217f7e7358a94b258b64"
strict-transport-security: max-age=31536000
content-type: application/javascript
via: 1.1 varnish
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 01 Mar 2022 07:19:05 GMT

GET
H2 200 inlineMedia_core.js Show response
static.myfinance.com/widget/ 185 KB
63 KB 149ms
82ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.myfinance.com/widget/inlineMedia_core.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41f332a76d3e7508a6fc9c571d5820f2693054d41a1a3fe2f03e21b4bf3005ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 18:26:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2252
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: C3EWW94XQD8BVACC
x-amz-id-2: I8Mgon9VnGlFr2pnXXsrf7CrEsXvmdVvKyH9hkrvbPKhnINYBDgXzpVdedFczRDR/o7LMmUIJRE=
last-modified: Wed, 09 Feb 2022 17:47:03 GMT
server: cloudflare
etag: W/"d17e223069115940d9e6c473ff465ed2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fi4IyhORES%2FWjP%2F%2BGmS%2B564gTXacRrGhOgczJc88ynE9twgJSSM1fX75YiA%2BEkk%2BUNyzy92y3P%2FSL0bKZycBm%2Bv6kLIS8AIh5jqT0cYHi24KFFDKAaO4OHKf6v9bcy0l3rTeog0gU%2F0X0cJwTs8cH9U1og%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 6e2280eaac0d8fd7-FRA

GET
H2 200 logo.png
www.zdnet.com/a/fly/1645631015-asset/bundles/zdnetcss/images/core/ 4 KB
4 KB 15ms
15ms Image
image/png 2a04:4e42:4d::666
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdnet.com/a/fly/1645631015-asset/bundles/zdnetcss/images/core/logo.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/a/fly/css/core/main-bd79b42581-rev.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4d::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

ff2ae991ac0efdb5ae8b4428ba8555a0aeb0fd94b8014ce290c484242c524097

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/a/fly/css/core/main-bd79b42581-rev.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src https://*.zdnet.com:*
via: 1.1 varnish
last-modified: Wed, 23 Feb 2022 15:46:45 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
date: Wed, 23 Feb 2022 18:26:37 GMT
vary: Accept-Encoding, Accept
content-type: image/png
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-length: 4105
x-xss-protection: 1; mode=block
expires: Wed, 02 Mar 2022 15:47:54 GMT

GET
H2 200 Regular.woff2
www.zdnet.com/a/fly/bundles/zdnetcss/fonts/Proxima%20Nova/ 20 KB
20 KB 10ms
10ms Font
font/woff2 2a04:4e42:4d::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/a/fly/bundles/zdnetcss/fonts/Proxima%20Nova/Regular.woff2

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4d::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

7fa1c7b1686f9f116183456c39f7b3ed9cce063cfb428e575fe4a29ae05c4fa6

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
Origin: https://www.zdnet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 18:26:37 GMT
via: 1.1 varnish
vary: Accept-Encoding, Accept
content-length: 20256
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Feb 2022 15:59:36 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "2d636d9395b2da27ce67040250333ca4"
strict-transport-security: max-age=31536000
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Feb 2023 17:38:38 GMT

GET
H2 200 Semibold.woff2
www.zdnet.com/a/fly/bundles/zdnetcss/fonts/Proxima%20Nova/ 20 KB
20 KB 10ms
10ms Font
font/woff2 2a04:4e42:4d::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/a/fly/bundles/zdnetcss/fonts/Proxima%20Nova/Semibold.woff2

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4d::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

21c9c7889404394d4e4c780022b56b5fa39e83b19c34eb0508561a115a1dcc6a

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
Origin: https://www.zdnet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 18:26:37 GMT
via: 1.1 varnish
vary: Accept-Encoding, Accept
content-length: 20344
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Feb 2022 15:59:36 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "a96ff4477074c6395b7305d2d98fde8e"
strict-transport-security: max-age=31536000
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Feb 2023 17:38:44 GMT

GET
H2 200 inlineMedia.css
static.myfinance.com/widget/ 3 KB
2 KB 77ms
59ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.myfinance.com/widget/inlineMedia.css

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c50d5d10df377bd960648973b53891bfcaf48f457503eed023ad2c29f28e49b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 18:26:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1656
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: CP6C3372EGKBD4AC
x-amz-id-2: AZbq2acapUYJiKaFnwboAKpOSc2VI/wEVj38BmX6KV9RBxLNUldJZsnrHhGVO0avzKpMsVQM4Nk=
last-modified: Mon, 12 Jul 2021 14:22:18 GMT
server: cloudflare
etag: W/"528a38ce39fc58a866c1226253bbb189"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PzuVdSpBQGYA9hSVXC77BQn0o%2BW2%2BzJt5zRDwZ1yiW%2F1%2BIEYFlM6L%2FIPP0%2FoTG6QLZNltDbv2zJdSYDyVRegoS1mM4p6dW5UVuR7euTNf6MEfJigwgv1s6jXgjTR2A18kr%2Bwhxrpyjf5y%2BLiWL9x7wxG0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 6e2280eacc138fd7-FRA

GET
H2 200 e70f246a-fd9b-4805-9fd4-fcd89020aca5.json Show response
cdn.cookielaw.org/consent/e70f246a-fd9b-4805-9fd4-fcd89020aca5/ 3 KB
2 KB 60ms
39ms XHR
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/e70f246a-fd9b-4805-9fd4-fcd89020aca5/e70f246a-fd9b-4805-9fd4-fcd89020aca5.json

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eaf765d314b24473895a9ece61135d31023528c3b65129051b2c5a471d780604

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 23 Feb 2022 18:26:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: xkIaWO5Hr0+rNu9IdoYHdw==
age: 6588
vary: Accept-Encoding
content-length: 1425
x-ms-lease-status: unlocked
last-modified: Thu, 08 Jul 2021 15:15:53 GMT
server: cloudflare
etag: 0x8D94223473B0939
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 06b7d714-801e-0008-2bd5-21c395000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6e2280eadaae9183-FRA
expires: Wed, 23 Feb 2022 22:26:37 GMT

GET
H2 200 main.default.js Show response
www.zdnet.com/a/fly/57b59c-fly/js/ 222 KB
70 KB 10ms
9ms Script
application/javascript 2a04:4e42:4d::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/a/fly/57b59c-fly/js/main.default.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4d::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

beab425afd7208430f689788e9b03241b9ba6aee18bc592612246f2f5dbbccfb

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 18:26:37 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept
content-length: 71611
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Feb 2022 15:46:33 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "3eafe36a07843f2ba4c7dd67a47a0cbb"
strict-transport-security: max-age=31536000
content-type: application/javascript
via: 1.1 varnish
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Mar 2022 15:48:00 GMT

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ Frame 210D 2 KB
1 KB 57ms
39ms XHR
application/json 2a02:26f0:7100:59a::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=YZ2TK-PC7PJ-K64DL-L53CR-P2G4E&d=www.zdnet.com&t=5485469&v=1.720.0&if=&sl=0&si=e3c82cc8-cb0c-4fdb-a42f-1ba99615d838-r7rskd&plugins=ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=
Requested by: Host: c.go-mpulse.net
URL: https://c.go-mpulse.net/boomerang/YZ2TK-PC7PJ-K64DL-L53CR-P2G4E
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:7100:59a::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: ce7b67ce0d27a89485ffdbb4cc7a5bcd70c0d18e2b0b69c81e9445601875910e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 23 Feb 2022 18:26:37 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 869

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 182 B
461 B 85ms
66ms XHR
application/json 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd9308db31181fde13aca740757dcb439baf71d731011a87da483a28faae444f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 18:26:38 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6e2280eb6c9c900a-FRA
access-control-allow-headers: Content-Type

GET
H2 200 bidbarrel-zdnet-rv.min.js Show response
at.adtech.redventures.io/lib/dist/prod/ 488 KB
147 KB 29ms
7ms Script
application/javascript 151.101.130.154
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://at.adtech.redventures.io/lib/dist/prod/bidbarrel-zdnet-rv.min.js?adaptive=true
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 572996a781ef84028e29a85bbf1cb0297990af40aa4b8c31d3e792d27aeba5d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 18:26:37 GMT
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront), 1.1 varnish
age: 282
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 150330
x-served-by: cache-hhn4036-HHN
last-modified: Wed, 09 Feb 2022 21:40:40 GMT
server: AmazonS3
x-timer: S1645640798.983633,VS0,VE1
etag: "59f2374d557bd7c6f2d2a26650ff3457"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: max-age=900, public, must-revalidate
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: qkXsiObox2-yt0-k8QA8IwFBBXgCuSNPNUKPVPeFxHsalFv8M886xw==
x-cache-hits: 1

GET
H2 200 inlineMedia.css
static.myfinance.com/widget/ 3 KB
1 KB 48ms
48ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.myfinance.com/widget/inlineMedia.css

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c50d5d10df377bd960648973b53891bfcaf48f457503eed023ad2c29f28e49b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 18:26:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1656
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: CP6C3372EGKBD4AC
x-amz-id-2: AZbq2acapUYJiKaFnwboAKpOSc2VI/wEVj38BmX6KV9RBxLNUldJZsnrHhGVO0avzKpMsVQM4Nk=
last-modified: Mon, 12 Jul 2021 14:22:18 GMT
server: cloudflare
etag: W/"528a38ce39fc58a866c1226253bbb189"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2st0jtRVfCM8B14DosvYi4h1uCQRTmCBqutSYhfhM%2FFolk%2BBH%2FCB51NaJgEgh1awom%2Fei58YkJfYCvswyE9iVNbfiZyMHkrvYvFmXPV0IUL%2BMGums2yeqA85K7kMkClOHkRliTwEgHpkg8J9WHbCuvNWSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 6e2280eb4cfd8fd7-FRA

GET
H2 200 urs.js Show response
urs.zdnet.com/sdk/ 50 KB
50 KB 190ms
123ms Script
application/javascript 34.120.203.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://urs.zdnet.com/sdk/urs.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.203.121 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

121.203.120.34.bc.googleusercontent.com

Software

Resource Hash

fb7a86f12d2f0ac2f4111c147415ab30f9c7d84c5e15faba3875fce7ce590127

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 18:26:38 GMT
via: 1.1 google
last-modified: Tue, 12 Jan 2021 17:00:48 GMT
etag: "5ffdd5c0-c803"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51203

OPTIONS
H2 204 record
a.myfidevs.io/ Frame 0
0 335ms
122ms Preflight 54.156.82.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.myfidevs.io/record
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.156.82.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-82-16.compute-1.amazonaws.com
Software: Python/3.7 aiohttp/3.7.4.post0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-api-key
Origin: https://www.zdnet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 23 Feb 2022 18:26:38 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-headers: *
server: Python/3.7 aiohttp/3.7.4.post0

OPTIONS
H2 200 v1.5
www.myfinance.com/api/au/ Frame 0
0 202ms
146ms Preflight
text/html 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.myfinance.com/api/au/v1.5?imre=aHR0cHM6Ly93d3cuemRuZXQuY29tL2FydGljbGUvdnVsbmVyYWJpbGl0eS1mb3VuZC1pbi13b3JkcHJlc3MtcGx1Z2luLXdpdGgtb3Zlci0zLW1pbGxpb24taW5zdGFsbGF0aW9ucy8=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.zdnet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 23 Feb 2022 18:26:38 GMT
content-type: text/html; charset=utf-8
vary: Origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.zdnet.com
access-control-allow-headers: x-requested-with, content-type, accept, origin, authorization, x-csrftoken, x-api-key, Access-Control-Allow-Origin
access-control-allow-methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-max-age: 86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xNE0fwOTefxOkOM0Jo9ndxhdlIi7e7V%2B5bxhFHioqvwcdJ%2BgfQiMGXDf2CLaGoR1FubgzUqUvc%2BA%2BL4hsDFIAiqpkyNmZR7pwTiqtzDckAjEhyeuqnq7k%2Bm%2BeeUFChEzcOk0cmoamaz8ajav5vkQTA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6e2280ebdb606983-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 204 record Show response
a.myfidevs.io/ 0
166 B 131ms
130ms XHR
text/plain 54.156.82.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.myfidevs.io/record
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.156.82.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-82-16.compute-1.amazonaws.com
Software: Python/3.7 aiohttp/3.7.4.post0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
x-api-key: yuH27H1QId6afXAojow6Tafi7Vw9v1spaLD5Yznw
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 23 Feb 2022 18:26:38 GMT
access-control-allow-credentials: true
server: Python/3.7 aiohttp/3.7.4.post0
access-control-allow-headers: *
access-control-allow-methods: POST

POST
H3 200 v1.5 Show response
www.myfinance.com/api/au/ 1 KB
1 KB 629ms
605ms XHR
application/json 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.myfinance.com/api/au/v1.5?imre=aHR0cHM6Ly93d3cuemRuZXQuY29tL2FydGljbGUvdnVsbmVyYWJpbGl0eS1mb3VuZC1pbi13b3JkcHJlc3MtcGx1Z2luLXdpdGgtb3Zlci0zLW1pbGxpb24taW5zdGFsbGF0aW9ucy8=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd0401cea03c54b6ec4338c0f1d9c20f159858a7ad987d60443027e29c55ff11

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 23 Feb 2022 18:26:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-type: application/json
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
allow: POST, GET
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kMcSKFQFSD7ulIBJX%2FDhv0vr1K%2BpTvNrQhyAnWgTp%2F4MLnkWhMePxHntye0YKLhwrqS8iS%2B7re31EgUtTC9n1ejSlT4xOIiEqBrgcFBk%2FNtktkPDKZSInp2qG83v8wOXPOUZl3nE3zZR046eqKkRbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-language: en-us
access-control-allow-origin: https://www.zdnet.com
vary: Accept, Accept-Language, Origin, Cookie
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6e2280ecf9629162-FRA
expires: Wed, 23 Feb 2022 18:26:38 GMT

GET
H2 200 mpulse-1.0.2.js Show response
www.zdnet.com/a/fly/js/libs/ 61 KB
12 KB 15ms
14ms Script
application/javascript 2a04:4e42:4d::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/a/fly/js/libs/mpulse-1.0.2.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4d::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

ea7373d7059ab32d4304249b48a91311f91d2dce5e1ebf10450f33f9a8c5f5ec

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 18:26:38 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept
content-length: 12449
x-xss-protection: 1; mode=block
last-modified: Mon, 21 Feb 2022 15:40:21 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "8f81eed765274fe090f8ec0d16311490"
strict-transport-security: max-age=31536000
content-type: application/javascript
via: 1.1 varnish
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 01 Mar 2022 06:22:22 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.20.0/ 376 KB
84 KB 64ms
64ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.20.0/otBannerSdk.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

295c66c14524b77dd1271317457dec037b5ef0943da346b9b73681e54da826e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 23 Feb 2022 18:26:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: jOOTzA5W9ewbfwCUPpt/mw==
age: 9593
vary: Accept-Encoding
content-length: 86053
x-ms-lease-status: unlocked
last-modified: Wed, 07 Jul 2021 06:41:48 GMT
server: cloudflare
etag: 0x8D941124BEC2620
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: be73f2f1-401e-00d2-07c0-1166be000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6e2280ebdeb98fe9-FRA

OPTIONS
H2 200 diff
at.adtech.redventures.io/lib/api/v1/zdnet-rv/prod/config/ Frame 0
0 138ms
124ms Preflight
text/html 151.101.130.154
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://at.adtech.redventures.io/lib/api/v1/zdnet-rv/prod/config/diff?variant=core

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.154 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: cat,content-type,variant,version
Origin: https://www.zdnet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: text/html; charset=utf-8
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://www.zdnet.com
access-control-allow-headers: *
allow: GET,HEAD
etag: W/"8-ZRAf8oNBS3Bjb/SU2GYZCmbtmXg"
x-cloud-trace-context: 513256e28bacf7e4d85f6d27085f9a16
server: Google Frontend
accept-ranges: bytes
date: Wed, 23 Feb 2022 18:26:38 GMT
via: 1.1 varnish
x-served-by: cache-hhn4052-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1645640798.104760,VS0,VE117
vary: Accept-Encoding, Origin
content-length: 8

GET
H/1.1 200
OK config.js Show response
confiant-integrations.global.ssl.fastly.net/J3UXFee1xclY-bfFlWh1mIZ_phU/gpt_and_prebid/ 203 KB
39 KB 30ms
7ms Script
text/javascript 151.101.65.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/J3UXFee1xclY-bfFlWh1mIZ_phU/gpt_and_prebid/config.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 63748161559eaa06635bc2eb316897d778b5971b64f8fc645a1555d68b15e5e7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 23 Feb 2022 18:26:38 GMT
Content-Encoding: gzip
Age: 779
X-Cache: HIT
Connection: keep-alive
Content-Length: 39192
x-amz-id-2: a8xjX6eXlVfZY9hndOhI8lcawiMA+qdeF3EXRRWfidKieenhh78PyxtEVr3LDpw+K9393EACRVg=
X-Served-By: cache-hhn4047-HHN
Last-Modified: Wed, 23 Feb 2022 18:10:41 GMT
Server: AmazonS3
X-Timer: S1645640798.091183,VS0,VE0
ETag: "9d700fdaea6f1a45e8f90b574d874fbb"
x-amz-request-id: 11HNSGH5S81YXA6V
Via: 1.1 varnish
Cache-Control: public, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Type: text/javascript
X-Cache-Hits: 49

GET
H2 200 diff Show response
at.adtech.redventures.io/lib/api/v1/zdnet-rv/prod/config/ 28 KB
3 KB 8ms
7ms Fetch
application/json 151.101.130.154
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://at.adtech.redventures.io/lib/api/v1/zdnet-rv/prod/config/diff?variant=core

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.154 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

9edf18bbfef634560679ad06feed2b79fa44760b9df8e54e838b325203ec3ec8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

cat: f0hDID3ZP
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
variant: core
version: rv2.26.1

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
age: 166
x-dns-prefetch-control: off
x-cache: HIT
ttl: 900s
content-length: 2791
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4052-HHN
access-control-allow-origin: *
server: Google Frontend
x-timer: S1645640798.230048,VS0,VE1
x-frame-options: SAMEORIGIN
date: Wed, 23 Feb 2022 18:26:38 GMT
x-download-options: noopen
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
via: 1.1 varnish
x-cloud-trace-context: 7efcae4e2604820890c0573146c0c5aa
cache-control: max-age=900
etag: W/458c747726bfe58de07c085a5a84682b8c1f4d19
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 1

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
28 KB 150ms
51ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

f22199bae8b8829f81d8838b76a9a97c5817a477e25105aebe4397d198e89856

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 18:26:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27612
x-xss-protection: 0
server: sffe
etag: "1140 / 554 of 1000 / last-modified: 1645618101"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 23 Feb 2022 18:26:38 GMT

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/v2/ 2 KB
1 KB 19ms
19ms XHR
application/json 2a02:26f0:7100:59a::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/v2/config.json?key=YZ2TK-PC7PJ-K64DL-L53CR-P2G4E&t=1645640798092&s=b5975fc357584be61ec5089aa5177363251ef03178db7c7a476617605f5eb5a1
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:7100:59a::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 8156ede940a7b01afa5cae444653d91bef270e00e0d6f191bf131a19988c7828

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 23 Feb 2022 18:26:38 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 817

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202202221634/ 192 KB
61 KB 13ms
12ms Script
application/javascript 151.101.65.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202202221634/wrap.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b3f21d860a12ff8722e06543d4db455ed274509d6648b9197c1956fa171e8732

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 23 Feb 2022 18:26:38 GMT
Content-Encoding: gzip
Age: 437
X-Cache: HIT
Connection: keep-alive
Content-Length: 62292
x-amz-id-2: Ccvo+33rQ03uW57/4jwwtsHrS1EJX/mEagBvtqCdLTGdpka1rViRwQta72VbncQ9CRHmenKpoT4=
X-Served-By: cache-hhn4047-HHN
Last-Modified: Tue, 22 Feb 2022 21:39:12 GMT
Server: AmazonS3
X-Timer: S1645640798.121227,VS0,VE0
ETag: "c459f88992b7f0c8eeae9720480c192e"
x-amz-request-id: 7KMFMYWHP79EJ19Q
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 768

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/e70f246a-fd9b-4805-9fd4-fcd89020aca5/069e0a06-a1be-44f5-9a8f-926f2985d489/ 93 KB
20 KB 22ms
21ms Fetch
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/e70f246a-fd9b-4805-9fd4-fcd89020aca5/069e0a06-a1be-44f5-9a8f-926f2985d489/en.json

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c83de3876b70820a0a835648010dc49a5600d6c3dd65f1a1e19ff44d33663083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 23 Feb 2022 18:26:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: AlmWtxV11YCExQkuyz0PJA==
age: 6588
vary: Accept-Encoding
content-length: 20136
x-ms-lease-status: unlocked
last-modified: Thu, 08 Jul 2021 15:15:59 GMT
server: cloudflare
etag: 0x8D942234AE979B3
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: e4d995b3-301e-0077-26c0-115da7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6e2280ec5f209183-FRA
expires: Wed, 23 Feb 2022 22:26:38 GMT

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.20.0/assets/ 13 KB
3 KB 25ms
25ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.20.0/assets/otFlat.json

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 23 Feb 2022 18:26:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: /OL7qnwFOarng5AW29V9Pw==
age: 6524
vary: Accept-Encoding
content-length: 2950
x-ms-lease-status: unlocked
last-modified: Wed, 07 Jul 2021 06:41:42 GMT
server: cloudflare
etag: 0x8D94112485FC2D3
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 81b8eb29-d01e-0076-16c1-115c5a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6e2280ec8fd29183-FRA

GET
H2 200 cohesion-latest.min.js Show response
cdn.cohesionapps.com/cohesion/ 79 KB
22 KB 37ms
9ms Script
text/javascript 99.86.4.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cohesionapps.com/cohesion/cohesion-latest.min.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-6.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a7022891f72d988b7560aaefd0f9742c19ec202d788d25a63754d541de26e238

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"5f82f1ebe7ae2e7f9d5385ffff24d56c"
last-modified: Tue, 22 Feb 2022 13:02:54 GMT
server: AmazonS3
age: 19421
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
date: Wed, 23 Feb 2022 13:02:58 GMT
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: GUItoEhlj20M9cAb7zm75M6t2-L0dY_wUzpUdJkMkvAtJD6-VE7mbQ==

GET
H2 200 article-55932e1f61-rev.js Show response
www.zdnet.com/a/fly/js/pages/ 102 KB
26 KB 9ms
9ms Script
application/javascript 2a04:4e42:4d::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/a/fly/js/pages/article-55932e1f61-rev.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4d::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

5298f06fd72db24361757504ca5b18585b51de1ba9f94934556e3a44460b4f6b

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 18:26:38 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept
content-length: 26921
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Feb 2022 09:42:44 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "55c7f06c4d38cc7af1634499b60e5db3"
strict-transport-security: max-age=31536000
content-type: application/javascript
via: 1.1 varnish
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Mar 2022 09:56:26 GMT

GET
H2 200 moatheader.js Show response
z.moatads.com/redventuresgamheader644747280705/ 241 KB
83 KB 51ms
16ms Script
application/x-javascript 184.87.213.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/redventuresgamheader644747280705/moatheader.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.87.213.172 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-213-172.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: b3575c98b2e9b9a6064d4a9d8732a550873f84100ef10b4d7d9b9144faccbb38

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 18:26:38 GMT
content-encoding: gzip
last-modified: Tue, 22 Feb 2022 20:14:48 GMT
server: AmazonS3
x-amz-request-id: ZTN0NWE3T8JWN9MD
etag: "d7cba98786c150d878dd3aaba97cb3c0"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=43263
accept-ranges: bytes
content-length: 84120
x-amz-id-2: zQRY7rRiGdzg5ZZjP1VVNruyQ7dbnVwKYZLUzGMSOxdYeInNvwSbqx4fyGylYZY3TJezFkA6yeU=

OPTIONS
H2 200 t
ingest.make.rvapps.io/v2/ Frame 0
0 322ms
106ms Preflight 34.206.8.109
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvapps.io/v2/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.8.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-8-109.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://www.zdnet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 23 Feb 2022 18:26:38 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 900
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

OPTIONS
H2 200 t
ingest.make.rvapps.io/v2/ Frame 0
0 322ms
107ms Preflight 34.206.8.109
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvapps.io/v2/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.8.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-8-109.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://www.zdnet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 23 Feb 2022 18:26:38 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 900
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

OPTIONS
H2 200 t
ingest.make.rvapps.io/v2/ Frame 0
0 317ms
107ms Preflight 34.206.8.109
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvapps.io/v2/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.8.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-8-109.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://www.zdnet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 23 Feb 2022 18:26:38 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 900
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

OPTIONS
H2 200 t
ingest.make.rvapps.io/v2/ Frame 0
0 315ms
108ms Preflight 34.206.8.109
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvapps.io/v2/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.8.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-8-109.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://www.zdnet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 23 Feb 2022 18:26:38 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 900
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

OPTIONS
H2 200 t
ingest.make.rvapps.io/v2/ Frame 0
0 314ms
107ms Preflight 34.206.8.109
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvapps.io/v2/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.8.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-8-109.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://www.zdnet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 23 Feb 2022 18:26:38 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 900
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 t Show response
ingest.make.rvapps.io/v2/ 138 B
271 B 124ms
122ms XHR
application/json 34.206.8.109
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvapps.io/v2/t
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.8.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-8-109.compute-1.amazonaws.com
Software: /
Resource Hash: 5004fc32cc4c3bb0f34d6b5fdb1d61faeb6e71b7cc37b729b7a21d51a1add436

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
Accept-Language: de-DE,de;q=0.9
Authorization: Basic d2tfMWtZc0FkSHN4MVhWd1Q1RWJYOU9RWWw0bkpNOg==
Content-Type: application/json;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 23 Feb 2022 18:26:38 GMT
access-control-allow-credentials: true
content-length: 138
vary: Origin
content-type: application/json

POST
H2 200 t Show response
ingest.make.rvapps.io/v2/ 138 B
271 B 133ms
131ms XHR
application/json 34.206.8.109
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvapps.io/v2/t
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.8.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-8-109.compute-1.amazonaws.com
Software: /
Resource Hash: b007743d5735df9c1d4e4c788b122e20727c31b1ee89906df459cd8efb383c9c

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
Accept-Language: de-DE,de;q=0.9
Authorization: Basic d2tfMWtZc0FkSHN4MVhWd1Q1RWJYOU9RWWw0bkpNOg==
Content-Type: application/json;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 23 Feb 2022 18:26:38 GMT
access-control-allow-credentials: true
content-length: 138
vary: Origin
content-type: application/json

POST
H2 200 t Show response
ingest.make.rvapps.io/v2/ 138 B
271 B 111ms
109ms XHR
application/json 34.206.8.109
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvapps.io/v2/t
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.8.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-8-109.compute-1.amazonaws.com
Software: /
Resource Hash: de84481ef689217d382563817adc5a2848c296565721097690dd23833568741c

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
Accept-Language: de-DE,de;q=0.9
Authorization: Basic d2tfMWtZc0FkSHN4MVhWd1Q1RWJYOU9RWWw0bkpNOg==
Content-Type: application/json;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 23 Feb 2022 18:26:38 GMT
access-control-allow-credentials: true
content-length: 138
vary: Origin
content-type: application/json

POST
H2 200 t Show response
ingest.make.rvapps.io/v2/ 138 B
271 B 112ms
111ms XHR
application/json 34.206.8.109
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvapps.io/v2/t
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.8.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-8-109.compute-1.amazonaws.com
Software: /
Resource Hash: 2818d836e23d0f07d75eff14cdcf47ac7667a229de861b027cd67abcf3ee85fc

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
Accept-Language: de-DE,de;q=0.9
Authorization: Basic d2tfMWtZc0FkSHN4MVhWd1Q1RWJYOU9RWWw0bkpNOg==
Content-Type: application/json;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 23 Feb 2022 18:26:38 GMT
access-control-allow-credentials: true
content-length: 138
vary: Origin
content-type: application/json

POST
H2 200 t Show response
ingest.make.rvapps.io/v2/ 138 B
271 B 112ms
110ms XHR
application/json 34.206.8.109
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvapps.io/v2/t
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.8.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-8-109.compute-1.amazonaws.com
Software: /
Resource Hash: e754726ab5b208bfdbfd32c91627cd65a39a7380196a9d7c3242fe693265e33e

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
Accept-Language: de-DE,de;q=0.9
Authorization: Basic d2tfMWtZc0FkSHN4MVhWd1Q1RWJYOU9RWWw0bkpNOg==
Content-Type: application/json;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 23 Feb 2022 18:26:38 GMT
access-control-allow-credentials: true
content-length: 138
vary: Origin
content-type: application/json

GET
H2 200 xs1.html Show response
cdn.cohesionapps.com/cohesion/ Frame EBBA 2 KB
1 KB 8ms
7ms Document
text/html 99.86.4.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cohesionapps.com/cohesion/xs1.html
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-6.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: afac3a301d848688d0748228296ec7ae26369f67c2df29f3f480ef3ab0bc6ef9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Response headers

content-type: text/html
last-modified: Tue, 22 Feb 2022 13:02:54 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
date: Wed, 23 Feb 2022 13:02:57 GMT
etag: W/"10b2c1751c2247b1aeccc91060f971cf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: 8qlxutUEjfE_p0Fd9hNygDK1IqIdt0c7yjd_zHdKwYxGMmD6AzDv4Q==
age: 19422

GET
H2 200 public Show response
taggy.cohesionapps.com/implementations/ 10 KB
10 KB 103ms
103ms XHR
application/json 54.166.33.211
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://taggy.cohesionapps.com/implementations/public
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.166.33.211 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-166-33-211.compute-1.amazonaws.com
Software: / Express
Resource Hash: 86d53b4ea06415ee2db4a16035ec4a9d8066fe766d32bf176e0bfe8a9debca53

Request headers

Source-Key: src_1kYsAcdpfzbZ8UlNLYht1RPg3m2
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
Accept-Language: de-DE,de;q=0.9
Page-URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 23 Feb 2022 18:26:38 GMT
x-powered-by: Express
etag: W/"276d-PZpHU13Scdksi+LuWwyMrNet9MI"
content-length: 10093
content-type: application/json; charset=utf-8

OPTIONS
H2 204 public
taggy.cohesionapps.com/implementations/ Frame 0
0 321ms
101ms Preflight 54.166.33.211
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://taggy.cohesionapps.com/implementations/public
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.166.33.211 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-166-33-211.compute-1.amazonaws.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type,page-url,source-key
Origin: https://www.zdnet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 23 Feb 2022 18:26:38 GMT
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: content-type,page-url,source-key

GET
H3 200 pubads_impl_2022021701.js Show response
securepubads.g.doubleclick.net/gpt/ 363 KB
122 KB 91ms
41ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

80df80639eff50b28f33ab6354c5f7448973e4f47c47fe0c3813c7dea361a7c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 17:44:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2508
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124510
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 09:34:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 23 Feb 2023 17:44:50 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 217 B
153 B 100ms
48ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.zdnet.com

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

12717f96c61a500136a8564d666db9b960869a71dd3176a438b53fb08be5c7bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 23 Feb 2022 18:26:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128
x-xss-protection: 0
expires: Wed, 23 Feb 2022 18:26:38 GMT

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 305 B
480 B 130ms
39ms Script
text/html 34.246.74.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Fd%2BHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-axhMBihjE1CFgA%3D%3D&sc=1&os=1-JA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations%2F&pcode=redventuresgamheader644747280705&rx=152868440540&callback=MoatNadoAllJsonpRequest_63833602
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/redventuresgamheader644747280705/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.74.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-74-180.eu-west-1.compute.amazonaws.com
Software: TornadoServer/5.1.1 /
Resource Hash: c8d24a7db903318b3b6dc6ef239b5c38339dc0deea956f031963381e96996657

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 18:26:38 GMT
cache-control: max-age=900
server: TornadoServer/5.1.1
timing-allow-origin: *
etag: "991ff02b6d844fe707521ada960555516bd8bccd"
content-length: 305
content-type: text/html; charset=UTF-8

GET
H2 200 n.js Show response
geo.moatads.com/ 98 B
272 B 124ms
35ms Script
text/html 52.31.222.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Fd%2BHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-axhMBihjE1CFgA%3D%3D&sc=1&os=1-JA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&i=REDVENTURES_GAM_HEADER1&hp=1&wf=1&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1645640798472&de=66526168634&rx=152868440540&m=0&ar=64537839394-clean&iw=2e8829d&q=1&cb=0&cu=1645640798472&ll=2&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations%2F&id=1&ii=4&bo=undefined&bd=undefined&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=redventuresgamheader644747280705&fd=1&ac=1&it=500&pe=1%3A406%3A406%3A0%3A383&jk=-1&jm=-1&fs=197205&na=2112454195&cs=0&ord=1645640798472&jv=971894858&callback=DOMlessLLDcallback_63833602
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/redventuresgamheader644747280705/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.222.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-222-185.eu-west-1.compute.amazonaws.com
Software: TornadoServer/5.1.1 /
Resource Hash: 31b2a8a81e231a983806e65dffe1ee16c27dc7f4c23d3ae9abaa4a58ce7518cf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 18:26:38 GMT
cache-control: max-age=900
server: TornadoServer/5.1.1
timing-allow-origin: *
etag: "e57ab1fa4519c8d9fa9eac5a184f9dc621a7a90a"
content-length: 98
content-type: text/html; charset=UTF-8

GET
H2 200 n.js Show response
geo.moatads.com/ 99 B
272 B 124ms
35ms Script
text/html 52.31.222.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Fd%2BHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-axhMBihjE1CFgA%3D%3D&sc=1&os=1-JA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&i=REDVENTURES_GAM_HEADER1&hp=1&wf=1&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1645640798472&de=66526168634&rx=152868440540&m=0&ar=64537839394-clean&iw=2e8829d&q=2&cb=0&cu=1645640798472&ll=2&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations%2F&id=1&ii=4&bo=undefined&bd=undefined&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=redventuresgamheader644747280705&fd=1&ac=1&it=500&pe=1%3A406%3A406%3A0%3A383&jk=-1&jm=-1&fs=197205&na=655309006&cs=0&callback=MoatDataJsonpRequest_63833602
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/redventuresgamheader644747280705/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.222.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-222-185.eu-west-1.compute.amazonaws.com
Software: TornadoServer/5.1.1 /
Resource Hash: 279138401346858eae76bd6cc799ff025deba500d6d17cda4f4c5d6bb469cdd8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 18:26:38 GMT
cache-control: max-age=900
server: TornadoServer/5.1.1
timing-allow-origin: *
etag: "24f6aefef0741ed0e431d4edc66427912bf2c24f"
content-length: 99
content-type: text/html; charset=UTF-8

GET
H2 200 xs2.html Show response
cdn.cohesionapps.com/cohesion/ Frame EBBA 473 B
832 B 12ms
11ms Document
text/html 99.86.4.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cohesionapps.com/cohesion/xs2.html
Requested by: Host: cdn.cohesionapps.com
URL: https://cdn.cohesionapps.com/cohesion/xs1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-6.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 88b8a3cb9df436d6910440c58428516accee080be4fa556d3cf10ec6905cf1b9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.cohesionapps.com/cohesion/xs1.html

Response headers

content-type: text/html
content-length: 473
last-modified: Tue, 22 Feb 2022 13:02:54 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Wed, 23 Feb 2022 13:02:58 GMT
etag: "ffa03bed298484a7755ca23c5431cb28"
x-cache: Hit from cloudfront
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: iy1G8snk8hg8pXNcENSWrh6jBjs6znmwU9CCd-qNeaE0ti3HxgCxPA==
age: 19421

GET
H/1.1 204
No Content / Show response
02179913.akstat.io/ 0
354 B 44ms
20ms XHR
image/gif 2a02:26f0:7100:199::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://02179913.akstat.io/?h.pg=article&when=1645640798531&cdim.Site_View=desktop&t_other=custom4%7C273&d=zdnet.com&h.key=YZ2TK-PC7PJ-K64DL-L53CR-P2G4E&h.d=zdnet.com&h.cr=81b1ba08835c378c4ff1e66119d6f98bcb9330f2-bb0274a-800602a4&h.t=1645640798101&http.initiator=api&rt.start=api&rt.si=a04bc256-8482-4c42-aa97-9a9835bdd12e&rt.ss=1645640798732&rt.sl=0&api=1&api.v=2&api.l=js&api.lv=0.0.1

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:7100:199::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Feb 2022 18:26:38 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.zdnet.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-XSS-Protection: 0
Expires: Wed, 23 Feb 2022 18:26:38 GMT

OPTIONS
H2 200 t
ingest.make.rvapps.io/v2/ Frame 0
0 173ms
108ms Preflight 34.206.8.109
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvapps.io/v2/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.8.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-8-109.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://www.zdnet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 23 Feb 2022 18:26:38 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 900
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

OPTIONS
H2 200 t
ingest.make.rvapps.io/v2/ Frame 0
0 172ms
107ms Preflight 34.206.8.109
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvapps.io/v2/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.8.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-8-109.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://www.zdnet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 23 Feb 2022 18:26:38 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 900
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 t Show response
ingest.make.rvapps.io/v2/ 138 B
271 B 120ms
119ms XHR
application/json 34.206.8.109
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvapps.io/v2/t
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.8.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-8-109.compute-1.amazonaws.com
Software: /
Resource Hash: 576649254a2390013960a896c18a4424fe5d5f7ed62d1d129873ef0aa0e62282

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
Accept-Language: de-DE,de;q=0.9
Authorization: Basic d2tfMWtZc0FkSHN4MVhWd1Q1RWJYOU9RWWw0bkpNOg==
Content-Type: application/json;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 23 Feb 2022 18:26:38 GMT
access-control-allow-credentials: true
content-length: 138
vary: Origin
content-type: application/json

POST
H2 200 t Show response
ingest.make.rvapps.io/v2/ 138 B
271 B 135ms
134ms XHR
application/json 34.206.8.109
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvapps.io/v2/t
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.8.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-8-109.compute-1.amazonaws.com
Software: /
Resource Hash: c7d28383592e5a347b19a4c76904c46a860500694283ea50bf46b3a4458b3329

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
Accept-Language: de-DE,de;q=0.9
Authorization: Basic d2tfMWtZc0FkSHN4MVhWd1Q1RWJYOU9RWWw0bkpNOg==
Content-Type: application/json;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 23 Feb 2022 18:26:38 GMT
access-control-allow-credentials: true
content-length: 138
vary: Origin
content-type: application/json

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 143ms
51ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.zdnet.com

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 23 Feb 2022 18:26:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 141ms
52ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.zdnet.com

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 23 Feb 2022 18:26:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
8 KB 495ms
494ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=814577542946857&correlator=1653408440121025&output=ldjh&impl=fifs&eid=31064151%2C31064836%2C31064954%2C31065013%2C31065288%2C21064365%2C31064868%2C44756895%2C44756897%2C44756431&vrg=2022021701&ptt=17&sc=1&sfv=1-0-38&ecs=20220223&iu_parts=22309610186%2Caw-zdnet%2Ctechnology%2Csecurity&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x66%7C5x5&prev_scp=pos%3Dnav%26sl%3Dnav-ad-plus-leader%253FT-1000%26iid%3Dunit%253Dnav-ad-plus-leader%257Cvguid%253D8f142a81-aa57-46b5-a511-4b5255ba16a8%257Cpv%253D1&eri=1&cust_params=buyingcycle%3Ddiscover%26topic%3Dsecurity%252Csocial-enterprise%252Ccyber-threats%26mfr%3Dwordpress%26tag%3Dbackup%26device%3Ddesktop%26ptype%3Darticle%26cid%3Dvulnerability-found-in-wordpress-plugin-with-over-3-million-installations%26env%3Dprod%26user%3Danon%26userGroup%3Dfirst_impression%26type%3Dgpt%26region%3Daw%26subses%3D3%26session%3Da%26pv%3D1%26vguid%3D8f142a81-aa57-46b5-a511-4b5255ba16a8&cookie_enabled=1&bc=31&abxe=1&dt=1645640798702&lmt=1645639500&dlt=1645640797724&idt=914&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=50&adks=3529097836&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations%2F&vis=1&scr_x=0&scr_y=0&psz=1600x100&msz=1600x100&fws=4&ohw=1600&ga_vid=1527958781.1645640799&ga_sid=1645640799&ga_hid=1054480112&ga_fc=false&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

91cd78495ea807ddca95bbf0372b143f9c3b311f9802420ce2d86bf0eda0f9ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 18:26:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8005
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.zdnet.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
01847585da75c10ab0b5882f9e077fa2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F8E3 6 KB
4 KB 155ms
50ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://01847585da75c10ab0b5882f9e077fa2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 23 Feb 2022 18:26:38 GMT
expires: Thu, 23 Feb 2023 18:26:38 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 47 KB
23 KB 425ms
425ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=814577542946857&correlator=3185854251522070&output=ldjh&impl=fifs&eid=31064151%2C31064836%2C31064954%2C31065013%2C31065288%2C21064365%2C31064868%2C44756895%2C44756897%2C44756431&vrg=2022021701&ptt=17&sc=1&sfv=1-0-38&ecs=20220223&iu_parts=22309610186%2Caw-zdnet%2Ctechnology%2Csecurity&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C300x600&prev_scp=pos%3Dtop%26sl%3Dmpu-plus-top%253FLL%257CT-1000%26iid%3Dunit%253Dmpu-plus-top%257Cvguid%253D8f142a81-aa57-46b5-a511-4b5255ba16a8%257Cpv%253D1&eri=1&cust_params=buyingcycle%3Ddiscover%26topic%3Dsecurity%252Csocial-enterprise%252Ccyber-threats%26mfr%3Dwordpress%26tag%3Dbackup%26device%3Ddesktop%26ptype%3Darticle%26cid%3Dvulnerability-found-in-wordpress-plugin-with-over-3-million-installations%26env%3Dprod%26user%3Danon%26userGroup%3Dfirst_impression%26type%3Dgpt%26region%3Daw%26subses%3D3%26session%3Da%26pv%3D1%26vguid%3D8f142a81-aa57-46b5-a511-4b5255ba16a8%26m_data%3Dwaiting%26m_safety%3Dwaiting%26m_categories%3Dwaiting%26m_mv%3Dwaiting%26m_gv%3Dwaiting&cookie_enabled=1&bc=31&abxe=1&dt=1645640798746&lmt=1645639500&dlt=1645640797724&idt=914&frm=20&biw=1600&bih=1200&oid=2&adxs=1050&adys=451&adks=1139850431&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations%2F&vis=1&scr_x=0&scr_y=0&psz=370x280&msz=370x30&fws=4&ohw=370&ga_vid=1527958781.1645640799&ga_sid=1645640799&ga_hid=1054480112&ga_fc=false&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

f9fae4789fb8436574a0894e7c918cd97da2e2667d4bee19af89ada69409298c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 18:26:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23972
x-xss-protection: 0
google-lineitem-id: 5893577926
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138379103758
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.zdnet.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 23 KB
10 KB 143ms
143ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=814577542946857&correlator=2239492025535897&output=ldjh&impl=fifs&eid=31064151%2C31064836%2C31064954%2C31065013%2C31065288%2C21064365%2C31064868%2C44756895%2C44756897%2C44756431&vrg=2022021701&ptt=17&sc=1&sfv=1-0-38&ecs=20220223&iu_parts=22309610186%2Caw-zdnet%2Ctechnology%2Csecurity&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C11x11&fluid=height&prev_scp=pos%3Dtop%26strnativekey%3D8ec3a4f3%26sl%3Dsharethrough-top%253FLL%257CT-1000%26iid%3Dunit%253Dsharethrough-top%257Cvguid%253D8f142a81-aa57-46b5-a511-4b5255ba16a8%257Cpv%253D1&eri=1&cust_params=buyingcycle%3Ddiscover%26topic%3Dsecurity%252Csocial-enterprise%252Ccyber-threats%26mfr%3Dwordpress%26tag%3Dbackup%26device%3Ddesktop%26ptype%3Darticle%26cid%3Dvulnerability-found-in-wordpress-plugin-with-over-3-million-installations%26env%3Dprod%26user%3Danon%26userGroup%3Dfirst_impression%26type%3Dgpt%26region%3Daw%26subses%3D3%26session%3Da%26pv%3D1%26vguid%3D8f142a81-aa57-46b5-a511-4b5255ba16a8%26m_data%3Dwaiting%26m_safety%3Dwaiting%26m_categories%3Dwaiting%26m_mv%3Dwaiting%26m_gv%3Dwaiting&cookie_enabled=1&bc=31&abxe=1&dt=1645640798749&lmt=1645639500&dlt=1645640797724&idt=914&frm=20&biw=1600&bih=1200&oid=2&adxs=215&adys=1295&adks=2408233683&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations%2F&vis=1&scr_x=0&scr_y=0&psz=770x150&msz=770x0&fws=4&ohw=770&ga_vid=1527958781.1645640799&ga_sid=1645640799&ga_hid=1054480112&ga_fc=false&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

4b4dad418b5d4b434b71820310e18a9f6f00a31b86d72d3e811f40edc3de194f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 18:26:38 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10247
x-xss-protection: 0
google-lineitem-id: 5667186874
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138346939033
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.zdnet.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 47 KB
24 KB 485ms
483ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=814577542946857&correlator=1046510626475930&output=ldjh&impl=fifs&eid=31064151%2C31064836%2C31064954%2C31065013%2C31065288%2C21064365%2C31064868%2C44756895%2C44756897%2C44756431&vrg=2022021701&ptt=17&sc=1&sfv=1-0-38&ecs=20220223&iu_parts=22309610186%2Caw-zdnet%2Ctechnology%2Csecurity&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&prev_scp=pos%3Dmiddle%26sl%3Dmpu-middle%253FLL%257CT-1000%26iid%3Dunit%253Dmpu-middle%257Cvguid%253D8f142a81-aa57-46b5-a511-4b5255ba16a8%257Cpv%253D1&eri=1&cust_params=buyingcycle%3Ddiscover%26topic%3Dsecurity%252Csocial-enterprise%252Ccyber-threats%26mfr%3Dwordpress%26tag%3Dbackup%26device%3Ddesktop%26ptype%3Darticle%26cid%3Dvulnerability-found-in-wordpress-plugin-with-over-3-million-installations%26env%3Dprod%26user%3Danon%26userGroup%3Dfirst_impression%26type%3Dgpt%26region%3Daw%26subses%3D3%26session%3Da%26pv%3D1%26vguid%3D8f142a81-aa57-46b5-a511-4b5255ba16a8%26m_data%3Dwaiting%26m_safety%3Dwaiting%26m_categories%3Dwaiting%26m_mv%3Dwaiting%26m_gv%3Dwaiting&cookie_enabled=1&bc=31&abxe=1&dt=1645640798751&lmt=1645639500&dlt=1645640797724&idt=914&frm=20&biw=1600&bih=1200&oid=2&adxs=1050&adys=1331&adks=3640736402&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations%2F&vis=1&scr_x=0&scr_y=0&psz=370x30&msz=370x30&fws=4&ohw=370&ga_vid=1527958781.1645640799&ga_sid=1645640799&ga_hid=1054480112&ga_fc=false&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

7898d0bff6f92e917be0491b91f39bac554d172f43a3e53722e25a7859f70db1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 18:26:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24056
x-xss-protection: 0
google-lineitem-id: 5893577926
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138379103758
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.zdnet.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 nr-spa-1215.min.js Show response
js-agent.newrelic.com/ 47 KB
18 KB 27ms
10ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1215.min.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dd2d8d288526b88b0eae53168e31b4092acf39ed38d40ffcbc6d0ab2f7a4aa66

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: zcmP9QP8YWQtiPZETZozJGQXbXQvWuWT
content-encoding: gzip
etag: "7e1862f7a390ed9fc02c299216395547"
x-amz-request-id: B7ZSJ0XWM0C0H1SX
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 17465
x-amz-id-2: ddPlooSAo6iHXIeX5I9N1CbV2xxUBx7siumw1tQkNskJA5m+fmzIQvPt4NusldODhryvIE6w578=
x-served-by: cache-hhn4030-HHN
last-modified: Mon, 24 Jan 2022 22:13:54 GMT
server: AmazonS3
x-timer: S1645640799.912986,VS0,VE0
date: Wed, 23 Feb 2022 18:26:38 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 11326

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 144ms
57ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022021701&st=env

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1417ef8a900183e770d8aa2e7156bf4b91db720b245175988779cd6100d94246

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 23 Feb 2022 18:26:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10064
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2393 0
0 78ms
78ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstDPv8s9tVxUIiDeQasxIn29PUyky-w4fIjhhNO60NDc1kOjxNlXKkW1-keYsmApuuvr7ort2Y0EE1tTkXKndp2vML3sAAAZOQ2B-vXtHKEL023bGRrMRZFPbUgq-EwmpnAkLP6Rpw-e1W7Ut0N8tN1CCPUYK4DOOmrEt2tako-cvpVm7bn9-vLf-wHpPmtH3rD6UaVv1rYn7TMNH5w6_GYa355zk-hBpN8e3laq7jLeQX9cTQoNiC0dqSiYlm3sZ5MNgUvB-E9QlVIfEXV1qDHK_9rZenaBZPiEkrg_HPhgftp1PYgnNRiz7C3N8vearPDS7VFYQZwbi8Bf9Y&sai=AMfl-YQT-dBtXyStTMqQXXDL0SlZ_SwHH5VsKjwcS_wfZ_iHh8Ia6zoWQJZfCQ2u5fqg6SsI9rNS9mLaHBNAgjRqbtEBNbq7aE4xiMXI5UKSZGPM5EsmnUTbAD_rxdbPQUk&sig=Cg0ArKJSzFc-5fHmcZKGEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 23 Feb 2022 18:26:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 23 Feb 2022 18:26:38 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2393 124 KB
38 KB 50ms
49ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 18:26:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38723
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1645015031201889"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 23 Feb 2022 18:26:38 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/redventuresgamdisplay60805146916/ Frame 2393 336 KB
113 KB 17ms
17ms Script
application/x-javascript 184.87.213.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/redventuresgamdisplay60805146916/moatad.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.87.213.172 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-213-172.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 37b3ebaceec5f1a6d14f250f18f81205aedfe32413b0b1656cc830c19e617a00

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 18:26:38 GMT
content-encoding: gzip
last-modified: Tue, 22 Feb 2022 20:14:18 GMT
server: AmazonS3
x-amz-request-id: H5PMF5HB7C5SXPNF
etag: "5d9049e5e983f5f62c14b53a1badba66"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=43163
accept-ranges: bytes
content-length: 114728
x-amz-id-2: 1rbrgjXz4lDM4Ztz/Un9HqDkyxS8TJTskceuEELPscgEYO+Mv12dqxjeylqXA3hnYOdM/KjQMDs=

GET
H2 200 / Show response
www.zdnet.com/components/breaking-news/xhr/ 1 KB
1 KB 120ms
119ms XHR
application/json 2a04:4e42:4d::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/components/breaking-news/xhr/?slug=breaking-news-banner

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4d::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d085b1e5c8f2ecb1040648446b0ebc4a5733ce2272dd40a37c9e5871010656cd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .zdnet.com .ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: VgEBVlJWCRAGXVRVDwMDUlc=
tracestate: 78034@nr=0-1-2767451-695782612-2ee1e5f6b9ae0f9f----1645640798946
traceparent: 00-d25e23aaebd3daf7ad3a8014031d60f0-2ee1e5f6b9ae0f9f-01
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI3Njc0NTEiLCJhcCI6IjY5NTc4MjYxMiIsImlkIjoiMmVlMWU1ZjZiOWFlMGY5ZiIsInRyIjoiZDI1ZTIzYWFlYmQzZGFmN2FkM2E4MDE0MDMxZDYwZjAiLCJ0aSI6MTY0NTY0MDc5ODk0NiwidGsiOiI3ODAzNCJ9fQ==
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
X-Requested-With: XMLHttpRequest

Response headers

content-security-policy: frame-ancestors 'self' *.zdnet.com *.ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 23 Feb 2022 18:24:35 GMT
vary: Accept-Encoding, User-Agent
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-newrelic-app-data: PxQFVlBUDAYBR1dbAgYPVFAFBRFORDQHUjZKA1ZLVVFHDFYPbU5yARBfWA86TFtcXRQODFJfQzkGQ1NSCQ8NBW8MXRVLGhgCHVUJUQFRH1JKBgRVUFoUHgFIQwcAVARRVFABAlRUWgBSU1tAFF5VXkAAZA==
x-frame-options: SAMEORIGIN
date: Wed, 23 Feb 2022 18:26:39 GMT
expect-ct: max-age=0, report-uri="https://7a8f8748a40805618a61b617481a6ebc.report-uri.com/r/d/ct/reportOnly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-tx-id: 1163215e-e0c0-48fb-92f4-d9877e3ff843
content-type: application/json
via: 1.1 varnish
cache-control: max-age=5400, private
accept-ranges: bytes
expires: Wed, 23 Feb 2022 19:54:35 GMT

GET
H2 200 track-cwv-72dfb3ae38-rev.js Show response
www.zdnet.com/a/fly/js/components/ 239 B
312 B 8ms
7ms Script
application/javascript 2a04:4e42:4d::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/a/fly/js/components/track-cwv-72dfb3ae38-rev.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4d::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

9b7909cb9edd007095b41a13617b66208e4210fff9c5e411a7db116efefc8e71

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 18:26:38 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept
content-length: 199
x-xss-protection: 1; mode=block
last-modified: Tue, 22 Feb 2022 21:52:17 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "9a60cf803fe723849c8a5112ea442391"
strict-transport-security: max-age=31536000
content-type: application/javascript
via: 1.1 varnish
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Mar 2022 09:17:16 GMT

GET
H2 200 author-modal-5b949f9436-rev.js Show response
www.zdnet.com/a/fly/js/components/ 1 KB
633 B 8ms
7ms Script
application/javascript 2a04:4e42:4d::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/a/fly/js/components/author-modal-5b949f9436-rev.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4d::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

7f1639eeb6e3eb3e2de52c35e650ac2fe53ea34ee8e8cac73807facad51e9b7f

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 18:26:38 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept
content-length: 435
x-xss-protection: 1; mode=block
last-modified: Tue, 22 Feb 2022 21:52:18 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "3aa904de2d7ff2e808894e9a862e9441"
strict-transport-security: max-age=31536000
content-type: application/javascript
via: 1.1 varnish
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Mar 2022 08:27:44 GMT

GET
H2 200 disqus-loader-f09d8d6993-rev.js Show response
www.zdnet.com/a/fly/js/components/ 1 KB
793 B 8ms
7ms Script
application/javascript 2a04:4e42:4d::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/a/fly/js/components/disqus-loader-f09d8d6993-rev.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4d::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

3c591927cc6254cd17a33c78e3293b8456851a88c736b300647f7d263dd31740

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 18:26:38 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept
content-length: 703
x-xss-protection: 1; mode=block
last-modified: Tue, 22 Feb 2022 21:52:17 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "11987cf8727f71d108e44407ec4758b0"
strict-transport-security: max-age=31536000
content-type: application/javascript
via: 1.1 varnish
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Mar 2022 05:54:37 GMT

GET
H2 200 front-door-carousel-dcdcc78ebc-rev.js Show response
www.zdnet.com/a/fly/js/components/ 5 KB
2 KB 8ms
7ms Script
application/javascript 2a04:4e42:4d::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/a/fly/js/components/front-door-carousel-dcdcc78ebc-rev.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4d::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

0f23aaa9d0fec5942a9907b88ad801ff3eff3abede69bf286d869061201c67fe

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 18:26:38 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept
content-length: 1651
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Feb 2022 15:46:46 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "7625baadd2902a83fca7ceae80aefaca"
strict-transport-security: max-age=31536000
content-type: application/javascript
via: 1.1 varnish
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Mar 2022 17:38:45 GMT

GET
H2 200 / Show response
www.zdnet.com/newsletter/xhr/widget-login/ 2 KB
1 KB 188ms
184ms XHR
application/json 2a04:4e42:4d::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/newsletter/xhr/widget-login/?topic=security

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4d::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3d87fb2f74eabfc35ffcd2a35fef2043226e56ef9faecebca8cf35f7fcd5953

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .zdnet.com .ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: VgEBVlJWCRAGXVRVDwMDUlc=
tracestate: 78034@nr=0-1-2767451-695782612-b89256ba4e362deb----1645640798955
traceparent: 00-65145d44d3354ee02b80dc88dbee10d0-b89256ba4e362deb-01
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI3Njc0NTEiLCJhcCI6IjY5NTc4MjYxMiIsImlkIjoiYjg5MjU2YmE0ZTM2MmRlYiIsInRyIjoiNjUxNDVkNDRkMzM1NGVlMDJiODBkYzg4ZGJlZTEwZDAiLCJ0aSI6MTY0NTY0MDc5ODk1NSwidGsiOiI3ODAzNCJ9fQ==
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
X-Requested-With: XMLHttpRequest

Response headers

content-security-policy: frame-ancestors 'self' *.zdnet.com *.ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding, User-Agent
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-newrelic-app-data: PxQFVlBUDAYBR1dbAgYPVFAFBRFORDQHUjZKA1ZLVVFHDFYPbU5yARBfWA86TFZWRxcNB0NFUhQ7Rl9XBQMXPUMKVxVnVFtVWgsbTQFPA1JUBgdNVk0IAAdQUU4aABtEAVMPUFFeAFECWgpWWwtRARFJXwBdElY/
x-frame-options: SAMEORIGIN
date: Wed, 23 Feb 2022 18:26:39 GMT
expect-ct: max-age=0, report-uri="https://7a8f8748a40805618a61b617481a6ebc.report-uri.com/r/d/ct/reportOnly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-tx-id: 57f2100c-c21c-4cc1-8a1d-690e178599f3
content-type: application/json
via: 1.1 varnish
cache-control: max-age=0, must-revalidate, private
accept-ranges: bytes
expires: Wed, 23 Feb 2022 18:26:39 GMT

GET
H/1.1 200
OK NRBR-a22c617a7b2aab2da1c Show response
bam-cell.nr-data.net/1/ 49 B
715 B 196ms
169ms Script
text/javascript 162.247.243.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/NRBR-a22c617a7b2aab2da1c?a=695782443&v=1215.1253ab8&to=NgYBNkBYWEEEAURQWg9MIgFGUFlcSgNCTVwCDwY9QVBYVQkH&rst=1541&ck=1&ref=https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/&ap=3706&be=296&fe=1436&dc=383&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1645640797452,%22n%22:0,%22f%22:0,%22dn%22:2,%22dne%22:16,%22c%22:16,%22s%22:23,%22ce%22:147,%22rq%22:147,%22rp%22:269,%22rpe%22:282,%22dl%22:272,%22di%22:383,%22ds%22:383,%22de%22:384,%22dc%22:1436,%22l%22:1436,%22le%22:1450%7D,%22navigation%22:%7B%7D%7D&fp=405&fcp=405&at=GkEWQAhCSx5HAxIDThwe&jsonp=NREUM.setToken
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 23 Feb 2022 18:26:39 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 6e2280f1ef829208-FRA

GET
H2 200 core-web-vitals-16efe3ae21-rev.js Show response
www.zdnet.com/a/fly/js/managers/ 545 B
521 B 7ms
6ms Script
application/javascript 2a04:4e42:4d::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/a/fly/js/managers/core-web-vitals-16efe3ae21-rev.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4d::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

82f947d14a0a198dfe3cec2fde7896f6e332eb798cc193dad8da9ed2225277cd

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 18:26:38 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept
content-length: 366
x-xss-protection: 1; mode=block
last-modified: Tue, 22 Feb 2022 21:52:18 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "c21c24df509f303f8c77f86785138d1a"
strict-transport-security: max-age=31536000
content-type: application/javascript
via: 1.1 varnish
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Mar 2022 07:09:59 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 54ms
15ms Image
image/gif 104.85.1.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=REDVENTURES_GAM_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22654085702&bd=undefined&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=11x11&zMoatPS=top&zMoatSZPS=11x11%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&vb=6&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1645640799032&de=204324120980&m=0&ar=64537839394-clean&iw=38967c59&q=6&cb=0&ym=0&cu=1645640799032&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5009920773%3A2843412950%3A5667186874%3A138346939033&zMoatW=11&zMoatH=11&zMoatVGUID=8f142a81-aa57-46b5-a511-4b5255ba16a8&zMoatSN=a&zMoatSL=sharethrough-top%3FLL%7CT-1000&zMoatMMV=waiting&zMoatMMV_MAX=waiting&zMoatMGV=waiting&zMoatMSafety=waiting&zMoatMData=waiting&zMoatCURL=zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations%2F&id=1&ii=4&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22654085702&dfp=0%2C1&la=22654085702&gw=redventuresgamdisplay60805146916&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A406%3A406%3A1449%3A383&iq=waiting&tt=waiting&tu=waiting&tp=waiting&jk=-1&jm=-1&fs=197205&na=964544046&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.1.154 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-1-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:39 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 23 Feb 2022 18:26:39 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2393 0
0 76ms
75ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssxKTaCl8xPYzzL_X0YnvplviMbqCr8ObYerUZyW_4kEYowPA3kTpee83BmxVlJDSp5ny6IXLom5VFJU-mNwuEMtbncYLhZuDyIVoU0nr-VYt5O_a8rD4bSqKWXQn3PROngGH3EX_SWQqRN1DciCO3hWv0W7_NWK58D4WRFquJI6XuhSj4ic1l8h4jJr05fZdnK4pwiSLGx5f_akryn1MBpoWz_oCPIg38p-2dGXMa_AKnBIxd5TUvcLfc9u53e4fpFghs8u6pQ8IE_km0fNv8tnLRudjXQ3-49fpkmIDjoOFRdg9di9unJP00TGD_AJUMT3er8W7h2BKS2BB9sdA&sai=AMfl-YQT_O30U_t8d794GmmQHynQGVMbEVBCRmycK81XQKm3-hXoQCGoW_aSyiEZEvV51j8DVmZDyh6HzMFhieLN1TGzQ6A05JJrHlos6PkBQYyOVT1PVejvEvLUxYwQJnc&sig=Cg0ArKJSzC5QmV8efTPDEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 23 Feb 2022 18:26:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 23 Feb 2022 18:26:39 GMT

GET
H2 200 show-hide-1.0-2b8cfc35ab-rev.js Show response
www.zdnet.com/a/fly/js/components/ 2 KB
833 B 7ms
7ms Script
application/javascript 2a04:4e42:4d::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/a/fly/js/components/show-hide-1.0-2b8cfc35ab-rev.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4d::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

1a703d617fb31d56238372d5bf78e9861b3a09b7447a0184bd5f1c178461ed12

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 18:26:39 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept
content-length: 710
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Feb 2022 15:46:46 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "23b9881e2fd13f3e9dfb275272517c57"
strict-transport-security: max-age=31536000
content-type: application/javascript
via: 1.1 varnish
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Mar 2022 17:38:39 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 152ms
62ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 18:26:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 23 Feb 2022 18:26:39 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 104ms
51ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.zdnet.com

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 23 Feb 2022 18:26:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 102ms
52ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.zdnet.com

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 23 Feb 2022 18:26:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
9 KB 98ms
97ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=814577542946857&correlator=784253518750014&output=ldjh&impl=fifs&eid=31064151%2C31064836%2C31064954%2C31065013%2C31065288%2C21064365%2C31064868%2C44756895%2C44756897%2C44756431&vrg=2022021701&ptt=17&sc=1&sfv=1-0-38&ecs=20220223&iu_parts=22309610186%2Caw-zdnet%2Ctechnology%2Csecurity&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&prev_scp=pos%3Dbottom%26sl%3Dmpu-bottom%253FLL%257CT-1000%26iid%3Dunit%253Dmpu-bottom%257Cvguid%253D8f142a81-aa57-46b5-a511-4b5255ba16a8%257Cpv%253D1&eri=1&cust_params=buyingcycle%3Ddiscover%26topic%3Dsecurity%252Csocial-enterprise%252Ccyber-threats%26mfr%3Dwordpress%26tag%3Dbackup%26device%3Ddesktop%26ptype%3Darticle%26cid%3Dvulnerability-found-in-wordpress-plugin-with-over-3-million-installations%26env%3Dprod%26user%3Danon%26userGroup%3Dfirst_impression%26type%3Dgpt%26region%3Daw%26subses%3D3%26session%3Da%26pv%3D1%26vguid%3D8f142a81-aa57-46b5-a511-4b5255ba16a8%26m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dgb_measurable_2%252Cgb_measurable%252Cgs_tech%252Cmoat_safe%252Cgs_tech_computing%252Cgs_tech_social%26m_mv%3DnoHistData%26m_gv%3DnoHistData&cookie=ID%3D1305aa477dcd3be1-22aac3cd4acd0010%3AT%3D1645640798%3AS%3DALNI_MbQx91ItdsQmg0zcNr2ScQCLVyBJg&bc=31&abxe=1&dt=1645640799066&lmt=1645639500&dlt=1645640797724&idt=914&frm=20&biw=1600&bih=1200&oid=2&adxs=1050&adys=1379&adks=606318677&ucis=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations%2F&vis=1&scr_x=0&scr_y=0&psz=370x250&msz=370x30&fws=4&ohw=370&psts=AGkb-H97ReaoocK0F3SWlQWhJmbmHJZEwWtcloKd-B2QQZQM8uiWueBdnhWkGoK_DFuREDSzlzHJb0mQW1aePODoS_ShLG-W2luxyHNXDg&ga_vid=1527958781.1645640799&ga_sid=1645640799&ga_hid=1054480112&ga_fc=false&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

151a9f98e0c7df8e9b67b6fe95c4ae444b130c017de3453ee631c2aeda1fe314

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 18:26:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9319
x-xss-protection: 0
google-lineitem-id: 5688542871
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138349983451
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.zdnet.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C5D4 0
0 77ms
76ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu3OzCsnPSnpSRC4OJJdOhRF8pyNmTuI174ZF05E8lAhoMKKDfDbGrf3AYkgrlkZtrWkGmCgX9K2_SnRhqFwjeNatQlqeH-VFgz98kbcdbINulI5pxf3J3PFNzIYmt72mNMGz8Wa6YOP7jdETJY0ELGCfdrl5qNDLZjA0JFwLyps8FqkW43YytUZg9_pPZh8EJvsb6sZlleMWm2UzdVQllcZ_wq5m167RUeKLrAeeXehyx8-548qt9aDFSAtuOgtv1g1t0_KYu04wZHGme8cy4vx-S8Q0zEr8jpJEuBGRiyRwNHJHW3O47gTMYQyefkPEzdFbi3V4TkcPg&sig=Cg0ArKJSzEZhDFkINLKXEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 23 Feb 2022 18:26:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame C5D4 82 KB
27 KB 401ms
401ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

f22199bae8b8829f81d8838b76a9a97c5817a477e25105aebe4397d198e89856

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 18:26:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27612
x-xss-protection: 0
server: sffe
etag: "1140 / 950 of 1000 / last-modified: 1645618101"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 23 Feb 2022 18:26:39 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C5D4 124 KB
38 KB 60ms
60ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 18:26:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38723
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1645015031201889"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 23 Feb 2022 18:26:39 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/redventuresgamdisplay60805146916/ Frame C5D4 336 KB
113 KB 17ms
16ms Script
application/x-javascript 184.87.213.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/redventuresgamdisplay60805146916/moatad.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.87.213.172 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-213-172.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 37b3ebaceec5f1a6d14f250f18f81205aedfe32413b0b1656cc830c19e617a00

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 18:26:39 GMT
content-encoding: gzip
last-modified: Tue, 22 Feb 2022 20:14:18 GMT
server: AmazonS3
x-amz-request-id: H5PMF5HB7C5SXPNF
etag: "5d9049e5e983f5f62c14b53a1badba66"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=43162
accept-ranges: bytes
content-length: 114728
x-amz-id-2: 1rbrgjXz4lDM4Ztz/Un9HqDkyxS8TJTskceuEELPscgEYO+Mv12dqxjeylqXA3hnYOdM/KjQMDs=

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame F1EF 0
0 182ms
78ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstR3ts0IP_inrKHwNHnNY_MeZavfDdLXQVCJ0ADbHngbvXzraY8E8Xpr4gKMOkkHQcJcTQc2KfeHWQwQZEOVLeW393oUrkQhBftonTeHaCSds89kmDXneiDaLwCO9NtW0ztc5i4cUMrlm7CuZFEmmDhUuuROdb1dcyiLhsp3uessZAcDIozOY23WvZABP-qD2xrUQnQvXdEjvauuC_6Kkwf5SiiTy0dV7PEaItZraYmhZDdAzjV2WQ-iXxvO5S4THY8DkvbPIkV7AooLnU0NrlQjKuFmkmy7AbFe64ACsoFnAnBQZrd6Sud2hwDl2syA5W_aB455fxbqQRYRd7Qtj6lHJTv-FppPZRsWsiiANcT1_dJKJS350Ba8NFEwN5epT7BTp5aaA&sai=AMfl-YQ2L59dbYDel4QUQwbSrHlWwGkXLjXgoD23r1o9qYQEngrLUSqi7FufOfloXmfbF6QHjrnzoW71tq_kfSmGsq0zDm7T0hqTjQoOioGweOeHljUpO_rsb_ZMZBsNGgBm&sig=Cg0ArKJSzCiCg-n2HyNREAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 23 Feb 2022 18:26:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame F1EF 106 KB
38 KB 132ms
38ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
Origin: https://www.zdnet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 14:21:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14705
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 24 Feb 2022 14:21:34 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame F1EF 41 KB
15 KB 40ms
38ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 11:03:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26565
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Feb 2023 11:03:54 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F1EF 124 KB
38 KB 61ms
59ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 18:26:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38723
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1645015031201889"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 23 Feb 2022 18:26:39 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/redventuresgamdisplay60805146916/ Frame F1EF 336 KB
113 KB 18ms
17ms Script
application/x-javascript 184.87.213.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/redventuresgamdisplay60805146916/moatad.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.87.213.172 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-213-172.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 37b3ebaceec5f1a6d14f250f18f81205aedfe32413b0b1656cc830c19e617a00

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 18:26:39 GMT
content-encoding: gzip
last-modified: Tue, 22 Feb 2022 20:14:18 GMT
server: AmazonS3
x-amz-request-id: H5PMF5HB7C5SXPNF
etag: "5d9049e5e983f5f62c14b53a1badba66"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=43162
accept-ranges: bytes
content-length: 114728
x-amz-id-2: 1rbrgjXz4lDM4Ztz/Un9HqDkyxS8TJTskceuEELPscgEYO+Mv12dqxjeylqXA3hnYOdM/KjQMDs=

GET
H/1.1

200
OK

results.txt Show response
xhkzxjiccbv4eyqwprpq-pmveju-22b4b62e0-clientnsv4-s.akamaihd.net/eum/ Frame 210D
Redirect Chain

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pmvejurkt
https://xhkzxjiccbv4eyqwprpq-pmveju-22b4b62e0-clientnsv4-s.akamaihd.net/eum/results.txt

8 B
312 B

81ms
7ms

XHR
text/plain

2.16.107.194
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://xhkzxjiccbv4eyqwprpq-pmveju-22b4b62e0-clientnsv4-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Server: 2.16.107.194 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 23 Feb 2022 18:26:39 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://xhkzxjiccbv4eyqwprpq-pmveju-22b4b62e0-clientnsv4-s.akamaihd.net/eum/results.txt
Date: Wed, 23 Feb 2022 18:26:39 GMT
Server: AkamaiGHost
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 0

GET
H/1.1

200
OK

results.txt Show response
fibrwiaaa3ybckqdl6aaacqaabrbm7c7-pmveju-da0b29dc2-clienttons-s.akamaihd.net/eum/ Frame 210D
Redirect Chain

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pmvejurkt
https://fibrwiaaa3ybckqdl6aaacqaabrbm7c7-pmveju-da0b29dc2-clienttons-s.akamaihd.net/eum/results.txt

8 B
312 B

290ms
65ms

XHR
text/plain

2a03:5f80:a::b212:e7c1
DATAIX-AS Peering...

General

Check archive.org

Show headers Download Go to

Full URL: https://fibrwiaaa3ybckqdl6aaacqaabrbm7c7-pmveju-da0b29dc2-clienttons-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Server: 2a03:5f80:a::b212:e7c1 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 23 Feb 2022 18:26:39 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://fibrwiaaa3ybckqdl6aaacqaabrbm7c7-pmveju-da0b29dc2-clienttons-s.akamaihd.net/eum/results.txt
Date: Wed, 23 Feb 2022 18:26:39 GMT
Server: AkamaiGHost
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 0

GET
H3 200 container.html Show response
01847585da75c10ab0b5882f9e077fa2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E374 6 KB
3 KB 86ms
39ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://01847585da75c10ab0b5882f9e077fa2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Feb 2022 18:26:38 GMT
expires: Thu, 23 Feb 2023 18:26:38 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 17ms
16ms Image
image/gif 104.85.1.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=REDVENTURES_GAM_HEADER1&hp=1&zMoatAdUnit1=aw-zdnet&zMoatAdUnit2=technology&zMoatAdUnit3=security&wf=1&ra=3&sgs=3&vb=6&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1645640798472&de=54227829076&rx=152868440540&m=0&ar=64537839394-clean&iw=2e8829d&q=7&cb=0&cu=1645640798472&ll=2&lm=0&ln=0&em=0&en=0&d=5024496911%3A2870786075%3A5718138840%3A138352803033&zMoatAType=content_article&zMoatTest=zdnet&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations%2F&id=1&ii=4&bo=aw-zdnet&bd=security&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=redventuresgamheader644747280705&fd=1&ac=1&it=500&zMoatpos=nav&zMoatvguid=-&zMoatptype=-&zMoatsl=nav-ad-plus-leader%3FT-1000&pe=1%3A406%3A406%3A1449%3A383&jk=-1&jm=-1&fs=197205&na=1803884461&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.1.154 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-1-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:39 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 23 Feb 2022 18:26:39 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2D9F 0
0 119ms
77ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss_fQ0jYx2LANlyScCstiNCgYagMjooC6UFiyZlz0yZ9zUPWJ91Z6mJU17dTkpzbQ7cQh4qS0SOLuYoB9sH5J9e2y0PBQgsfnNLnT6Vly6Nl44s9apSO1-Tpi5uzLRUlgZJ69JQHpfSnzYoY231dVThjeWOF8ZPSR_XJoZq5n2LdHxhtztCnW_LxRp6ewk4zkxfPEOwXOPUxMHaNesyPQ-pk6nvai05-eICMmbatygXL6YycGEnW-VBDuYJ7OrCeJKDPXli_QttaxMbeiWfIVA5FKcQiog-7Xk35vT6QJ9RdufYTmc234WRQ8BdyED4eF46ubTs8ZmTKTZhFYgZB5CcGBQ703m02bf86NbusJxdg-WFUOlVYyF1Vh6PJvrlb7HFEpydkA&sai=AMfl-YRxhFU8HuDHP3TIS4GLl0SyTc6TD9Zv_GO5uAvbglWY76-9lVb0FZUHiemsPcnoNwYDyuAsZCUFtetpW1roLTvI3w21q2yyO4oczn4IlZpLG8GRsP6JkFgJ1P7tHhTb&sig=Cg0ArKJSzHAVMuQrzIa7EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 23 Feb 2022 18:26:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 2D9F 106 KB
37 KB 112ms
80ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
Origin: https://www.zdnet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 14:21:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14705
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 24 Feb 2022 14:21:34 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2D9F 41 KB
15 KB 88ms
37ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 11:03:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26565
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Feb 2023 11:03:54 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2D9F 124 KB
38 KB 108ms
108ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 18:26:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38723
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1645015031201889"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 23 Feb 2022 18:26:39 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/redventuresgamdisplay60805146916/ Frame 2D9F 336 KB
113 KB 17ms
17ms Script
application/x-javascript 184.87.213.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/redventuresgamdisplay60805146916/moatad.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.87.213.172 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-213-172.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 37b3ebaceec5f1a6d14f250f18f81205aedfe32413b0b1656cc830c19e617a00

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 18:26:39 GMT
content-encoding: gzip
last-modified: Tue, 22 Feb 2022 20:14:18 GMT
server: AmazonS3
x-amz-request-id: H5PMF5HB7C5SXPNF
etag: "5d9049e5e983f5f62c14b53a1badba66"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=43162
accept-ranges: bytes
content-length: 114728
x-amz-id-2: 1rbrgjXz4lDM4Ztz/Un9HqDkyxS8TJTskceuEELPscgEYO+Mv12dqxjeylqXA3hnYOdM/KjQMDs=

GET
DATA 200
OK truncated
/ Frame C5D4 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8bdeaac3a9979f54f020c6859c22f07dce1a1168233708981bc6f6143a2c5712

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1E72 13 KB
5 KB 37ms
36ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Feb 2022 18:23:48 GMT
expires: Thu, 23 Feb 2023 18:23:48 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 171
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1245 783 B
1 KB 150ms
54ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6de2d1e32cf8dae82612984f83cd078fda5bd9272c98851248b0ae9f6e41bd79

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XcxeehAL5srH8lF4OBFRfw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 23 Feb 2022 18:26:39 GMT
date: Wed, 23 Feb 2022 18:26:39 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-XcxeehAL5srH8lF4OBFRfw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 20ms
19ms Image
image/gif 104.85.1.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=REDVENTURES_GAM_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22654085702&bd=undefined&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=bottom&zMoatSZPS=300x250%20%7C%20bottom&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&vb=6&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1645640799319&de=723952443801&m=0&ar=64537839394-clean&iw=38967c59&q=11&cb=0&ym=0&cu=1645640799319&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5009920773%3A2848205265%3A5688542871%3A138349983451&zMoatW=300&zMoatH=250&zMoatVGUID=8f142a81-aa57-46b5-a511-4b5255ba16a8&zMoatSN=a&zMoatSL=mpu-bottom%3FLL%7CT-1000&zMoatMMV=noHistData&zMoatMMV_MAX=noHistData&zMoatMGV=noHistData&zMoatMSafety=safe&zMoatMData=1&zMoatCURL=zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations%2F&id=1&ii=4&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22654085702&dfp=0%2C1&la=22654085702&gw=redventuresgamdisplay60805146916&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A406%3A406%3A1449%3A383&iq=noHistData&tt=noHistData&tu=1&tp=safe&jk=-1&jm=-1&fs=197205&na=1206165697&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.1.154 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-1-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:39 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 23 Feb 2022 18:26:39 GMT

GET
DATA 200
OK truncated
/ Frame F1EF 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 322eba4b7b20cbc3fbcdff98200769a8c844ff222e198cc05b011d420a3eb4df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame EE00 22 KB
8 KB 38ms
38ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Feb 2022 11:03:55 GMT
expires: Thu, 23 Feb 2023 11:03:55 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 26564
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H/1.1 200
OK NRBR-a22c617a7b2aab2da1c Show response
bam-cell.nr-data.net/events/1/ 24 B
501 B 160ms
160ms XHR
image/gif 162.247.243.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/events/1/NRBR-a22c617a7b2aab2da1c?a=695782443&v=1215.1253ab8&to=NgYBNkBYWEEEAURQWg9MIgFGUFlcSgNCTVwCDwY9QVBYVQkH&rst=1931&ck=1&ref=https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type: text/plain

Response headers

Date: Wed, 23 Feb 2022 18:26:39 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.zdnet.com
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 6e2280f42d419208-FRA
Content-Length: 24

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 17ms
17ms Image
image/gif 104.85.1.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=REDVENTURES_GAM_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22654085702&bd=undefined&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=top&zMoatSZPS=300x250%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&vb=6&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1645640799349&de=699476313125&m=0&ar=64537839394-clean&iw=38967c59&q=15&cb=0&ym=0&cu=1645640799349&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5119226536%3A2971103685%3A5893577926%3A138379103758&zMoatW=300&zMoatH=250&zMoatVGUID=8f142a81-aa57-46b5-a511-4b5255ba16a8&zMoatSN=a&zMoatSL=mpu-plus-top%3FLL%7CT-1000&zMoatMMV=waiting&zMoatMMV_MAX=waiting&zMoatMGV=waiting&zMoatMSafety=waiting&zMoatMData=waiting&zMoatCURL=zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations%2F&id=1&ii=4&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22654085702&dfp=0%2C1&la=22654085702&gw=redventuresgamdisplay60805146916&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A406%3A406%3A1449%3A383&iq=waiting&tt=waiting&tu=waiting&tp=waiting&jk=-1&jm=-1&fs=197205&na=304458846&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.1.154 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-1-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:39 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 23 Feb 2022 18:26:39 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A6D7 624 B
838 B 144ms
54ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQh8Wh4QEYnNTmvQEwAQ&v=APEucNU0uXFxiN1bopQPEjpQi_LUM53AuViMGKtHC_8t5lNtGnItp5lFvRewuCxCAIAn0WuknnnN9OKcw5pA2zCTHyu8zDWnGyzJf7weg9uOUMrA9O2R1R3yDkBfyHAfEHYvRbomJtJyY57lQHAkSks5uBeGURKwTA

Requested by

Host: 01847585da75c10ab0b5882f9e077fa2.safeframe.googlesyndication.com
URL: https://01847585da75c10ab0b5882f9e077fa2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://01847585da75c10ab0b5882f9e077fa2.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 23 Feb 2022 18:26:39 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 23 Feb 2022 18:26:39 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame E374 74 KB
31 KB 178ms
94ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BZ-ZYEsc65d5z7KvBKJLheGsDzGhq8KBnVihDybc9aHopF0twi5Kb0o5NB9-x-XyIAvL-O2CEjuUw9X5JuKvQhZfSy7l9xrEsa2rdYJbaLgbgDD5ReWeLKd9zbmMr3qVi-ys93Hgzlhk1ird8BzwhQdkYhkA&dbm_d=AKAmf-DDSbvT-mLfDiY9BiqvaCoQx7nWgZagvrSrzG5FneZvomXDTldzFzQUK3HWjNPbLY5R3O3fnxh-uqFncFQME_DMwTq4hOBQHNKjvMGfhB8ecO0R_RPrtDT_8M8pOELXN9FbWQzDrvw_G4uZJU4U0cUstqp3_VhPm6GHvhFpkp6wqMCwyxKING-4QEUgZm7NZJmOZ4cqNr-vPUyc5q639qe_6DH15OTMjWzu4l-HCEp9FYwodaks6fbj1mzdcnmOm4iBejTr03lQQ1bMXIXRxDdnwZHzGm789TVwDZM4Pu2Cm8O1Y5lYGiryK5E06c7fbzpWt2oAGIE56ipD0xm4NCISvhjokjeFO-OyNnTfR8RjterEv1H7PLgAoLupSm74RdZxbaPj5AqneouHxGN90XxS3OTjq0gLdcHptrwxd5w0YpHGKiytGe9R229AtPTF67noLeBc5yIzrORlbu4v8akXGViZ-pObrNfZMFpM_5LXKfCbS57nKa-EGbPRtuQyj3gw07N88ocX0w0qlH6pCAnvwu0R6hsygnM_bCfZNsK0D8XEZBHJIDKTdACFH8OxSCfhLWpWsky4qnaLDWgeYQVsWvIbVsQzYksa_CEucuUVQHWcYvA7YCncDkbSAyhg7d3LOYJgDOJbmU-uWVCF7GDiDdxpK1WXetMMCyNUKdiseAtkOo_lF_E1V12D-G-dlQTFxqXCdM7KkfyxSp4xswHDeKU3o2ONtpwHNv6mXa_bs5mj7fvzcml23YvVhkXosUCbZX5O7Q3dkX7kIY4maSDRGNMbGkplgDPOReb2mwzmOj2AiKGVJgYkR92aQYxcPdeMJT_v-40k1ZJFX2ihfI_BcdoWElRFdKSGUStPZCug3yMet1mfSyGvTD5WGRX9q8Lt9-c-CDaIkl-NJeKR69S17rKDg-VzNcpyY8hITaHvUJsuCikJ7bUR38Xm7z6HSzzJaTlcH4n9oV5DDHFEa6ZkJIe4bTu-4Q4xQopxEc2yr2El-ZrMCWByJgyl1QO8qq_bOpuS4M98FNHePL9J_-yKIcVk98uL_VTCcG9-BQ8hmRv0P4Y4mADZV8PMtqevxM22VFXEQeZW1eXBXneVFniS2OdLOT7t20K3ug4nwk4h2Bq_y3tjNv-5rJ2ryXkVhkzTmJCwUkFPsNymhzUdUQ4JrmuuLXPEca5Xu9js1i4do8rl_87H8Ps20b_0iku6RPTJFG99r3iF9ha5wDlxlLaMLQsIihtmk9CnhoxM7-cc1GS8hEmIEzSstVoQHjzV5O5hzN_ZeVyvjpDWbMXzzr5-aUOfkrLpjTwjUoMFeaLi5YXTovjUApSik6n9Tt6rt3fHYyyRlkUkBZ5crdTFSTa9mA10gXWK5mRkxd2dmNp-476U1D7nnFvXMy1HdVLrFf9MvOMSxpVpuB45vd4wf8hL5IV_jYSCMqDvuIcaUmWPOkPFKwdrxtFR1vMFZXntqto9qZeVBWNVkZ0CpVhVnPkRomgX_NsrK3khStnf0aBcM-arouSXUPg_GnjpTRybp3-I_GfNzLU1Lo9Kj_2xn78Rp459cKabRVwfvuQn_i3Hk_tOe5Ih54T-AMaj-S-VILrG2SV7tD3n5XrVMsHxlCmA18_Qd0rZ1zkBtJa-pdr9DnB3ZCEzXweVa8HRBB08GTysj-T28TqiVMDOJhlwTLoLGkMznGAUSC_Ir8jYY-rV7p83KlRINM55TgAhLm8A45HsLYDrd1fXnSKa48_ggmsCXbJ_2P3MuHuLh4lmd3oHwQIYjtcSO_RnOuZ66ZaO_shzNyzkovE3rL0rukMP7CGFX703vd58zj7esoj7c_cBT78u3qrPcp9fMKN9fQmJSEaayJ4CE6p-wI5OqjvPyx9hLWVvOzl0lGhWAQVLCFZslNxEHGXt4QViNjzLmt08fFSpf5cDQ9geDI7HU1YpOMStAw9XrKHlETShAWwILhB8WHfcbX2hty748_svp8SzWZElA1ksifYOLX9nJUy4iYIxqXEPNuvev2_xBBZXd4ad6kS5UZokDJGNbH2mo2IBTTc5IKX1PGEwLkRj_a-Ch0xRE0kdUazJ5H4BG00XRVVActP_8vfYT302UR-5gWMMOxhdkqb-iLE2vPrQXB3dt9ePtfpTIgGExetdxnxHWLo8GmJsFIsSXqv2Zntd2bz4Fwlz2FwfYihWSMZHwq4jYIXx9weUXiCydUI6VTm-GCJqgwd1FQyqkH93QJV8Nl7NIQLpZ9nK_FFgjdYnDovdCKzut3Wk52EXH5KhkSCNfwzl6urhR6f4nHHjK27rMOih3w1dLp9-2CjKxUew05OX6GxYv5p8aKnC6woJA2kS91iF-XzmNnn3oGNodjgdpmryNRZKcOvkD0291HjLRoniyrSycg9htqxrTbzErfLFiB-W6OyS0lQcYVl7mRCSxUFFcqKI7xZmBLhK44ghQOoH4fIN1xSA42xDqNjrJ0lXkV8duJ1bTXsAjnau0hsuwCCEmBf4p2wdB6PU2DxPgla77ckD67TOLA-qLJyZAzrlKOvzjjyIzDKh5r4xjFY19pPVxfu73NaAzbkm9vQZD12uhEoZTQS_8Jx-sIHN2ROspx93Jf2N3lBFcpFUwiyew47gTBjYuYgQZtQ2xzk1KcowtJ_KAq1H51r1R4I76tOFohgTC6RZTJvJK7z2E3y3G9AeZyy77APjvJm1CXuhUW0EN098rMR6s3T2eFpTNRU-w8XZe0E1L8DVpheP51WtgTma6f_NNy2Ek57n4Cts8Kvh9hT1SQIxv12ORBTpfFNcL_G9cSepPTKIzaEZv_cVBq01R8AJHvGKtIlqptYhZUtYcU4mfVhIDy4N5UGj9-sGdUn5vHnqmsP3S39rBIM_x5omqj9Buk7-4bmKM1Bv0NUT3qHYbsBepOXAFbQ3CO4w1Iqv8Su5q6oW-39i9n4dTw4ZLIUw5G3IOFHhz1ntW8JAQ3dAy6Mo6IrDyFZuz2SB0OydyvNMXymKaDthc78LIS1AWTaEV_5Hgt9VVwyQ8-spYz5X6fhPmB3ioUiawIMuBTE0T_AYB9Y6BjMCy78b-7OZ7HV7V37362AzPDwi_TonCshMSJRtbVl4H2WfAr8KDTWCNUxyS4Po3SVI3IEf9X7grsn8Ucg1R44mgSyQWmGF-K7oVMf8gbHS4bucZ6hE6dLCWy3zDge6FafHzCe8z8kSp7J3B1bw46zMVeYod_qPbNykb7WPRKGjBT2vNf8fw0JQPb_Kc7243YfKnqjK6BKQ1lbg62SO&cid=CAASFeRouQg9RtjfHviHm45K0UzB7BA3yw&rfl=1%2Chttps%253A%252F%252Fwww.zdnet.com%252Farticle%252Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations%252F%240

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8296d2d75356bf38a062a91f864313e8b7dcbf7544a4ed2ac2f4c458e02e26bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://01847585da75c10ab0b5882f9e077fa2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31709
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E374 42 B
63 B 126ms
72ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ASW-Ni3ubnMp5tnPnY16fYLoxU3_1t574wzeeroipghnA74TmgSXK25gx9cYh3JB1GO48-NoUhwwTmk-6_hOLW3Ccy0mn0450K9lIwt6-_u6q9vEE

Requested by

Host: 01847585da75c10ab0b5882f9e077fa2.safeframe.googlesyndication.com
URL: https://01847585da75c10ab0b5882f9e077fa2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://01847585da75c10ab0b5882f9e077fa2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220217/r20110914/client/ Frame E374 2 KB
1 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220217/r20110914/client/window_focus_fy2019.js

Requested by

Host: 01847585da75c10ab0b5882f9e077fa2.safeframe.googlesyndication.com
URL: https://01847585da75c10ab0b5882f9e077fa2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://01847585da75c10ab0b5882f9e077fa2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 17:53:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1969
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Mar 2022 17:53:50 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E374 124 KB
38 KB 84ms
83ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 01847585da75c10ab0b5882f9e077fa2.safeframe.googlesyndication.com
URL: https://01847585da75c10ab0b5882f9e077fa2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://01847585da75c10ab0b5882f9e077fa2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 18:26:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38723
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1645015031201889"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 23 Feb 2022 18:26:39 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220217/r20110914/client/ Frame E374 15 KB
6 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220217/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 01847585da75c10ab0b5882f9e077fa2.safeframe.googlesyndication.com
URL: https://01847585da75c10ab0b5882f9e077fa2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78ea6d7806beda2d76bb7d9abb14b034ad476a897376c270aefcf40a2f49316c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://01847585da75c10ab0b5882f9e077fa2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 18:23:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 205
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6438
x-xss-protection: 0
server: cafe
etag: 12093742715590823996
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Mar 2022 18:23:14 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame E374 0
0 50ms
50ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT3lupGL53dB1crpZjhPro9QN1XVgE0w809i97TlFlRcJ6p4uFO1CIqp4cntPYL_LyyDFFBfPZrN2vVWPlMaI1kNwgU8Q
Requested by: Host: 01847585da75c10ab0b5882f9e077fa2.safeframe.googlesyndication.com
URL: https://01847585da75c10ab0b5882f9e077fa2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://01847585da75c10ab0b5882f9e077fa2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H/1.1 200
OK pixel
protected-by.clarium.io/ Frame E374 68 B
345 B 46ms
11ms Image
image/png 18.195.177.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_SjNVWEZlZTF4Y2xZLWJmRmxXaDFtSVpfcGhVLzI4NzA3ODYwNzU6NzI4eDkw&v=5&s=v31fsjtbl6a&id=eyJkZnAiOnsiYWQiOjUwMjQ0OTY5MTEsImMiOm51bGwsImwiOjAsIm8iOjI4NzA3ODYwNzUsIkEiOiIvMjIzMDk2MTAxODYvYXctemRuZXQvdGVjaG5vbG9neS9zZWN1cml0eSIsInkiOjI4OTA3MiwiY28iOjAsInMiOiJuYXYtYWQtcGx1cy1sZWFkZXIifX0%3D&sb=undefined&cb=7423648&h=www.zdnet.com&d=eyJ3aCI6IlNqTlZXRVpsWlRGNFkyeFpMV0ptUm14WGFERnRTVnBmY0doVkx6STROekEzT0RZd056VTZOekk0ZURrdyIsIndkIjp7Im8iOjI4NzA3ODYwNzUsInciOiI3MjgiLCJoIjoiOTAifSwid3IiOjJ9
Requested by: Host: 01847585da75c10ab0b5882f9e077fa2.safeframe.googlesyndication.com
URL: https://01847585da75c10ab0b5882f9e077fa2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.177.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-177-132.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://01847585da75c10ab0b5882f9e077fa2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Feb 2022 18:26:39 GMT
Server: nginx/1.14.0 (Ubuntu)
Content-Type: image/png
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 68
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame FD27 22 KB
8 KB 36ms
36ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Feb 2022 11:03:55 GMT
expires: Thu, 23 Feb 2023 11:03:55 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 26564
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 2D9F 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6b64ea0d1dc21b5d9f3524b2373eafb321c72dcfaba13f8326b52a9faee1754a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 30ms
30ms Image
image/gif 104.85.1.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=REDVENTURES_GAM_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22654085702&bd=undefined&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=middle&zMoatSZPS=300x250%20%7C%20middle&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&vb=6&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1645640799466&de=502470418992&m=0&ar=64537839394-clean&iw=38967c59&q=19&cb=0&ym=0&cu=1645640799466&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5119226536%3A2971103685%3A5893577926%3A138379103758&zMoatW=300&zMoatH=250&zMoatVGUID=8f142a81-aa57-46b5-a511-4b5255ba16a8&zMoatSN=a&zMoatSL=mpu-middle%3FLL%7CT-1000&zMoatMMV=waiting&zMoatMMV_MAX=waiting&zMoatMGV=waiting&zMoatMSafety=waiting&zMoatMData=waiting&zMoatCURL=zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations%2F&id=1&ii=4&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22654085702&dfp=0%2C1&la=22654085702&gw=redventuresgamdisplay60805146916&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A406%3A406%3A1449%3A383&iq=waiting&tt=waiting&tu=waiting&tp=waiting&jk=-1&jm=-1&fs=197205&na=1151225944&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.1.154 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-1-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:39 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 23 Feb 2022 18:26:39 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/goodway341003946512/ Frame F1EF 311 KB
105 KB 17ms
17ms Script
application/x-javascript 184.87.213.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/goodway341003946512/moatad.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.87.213.172 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-213-172.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 1e638848d7db68fe47336fd80131e324ff4b5ae9b005e251c2bce43f1affc321

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 18:26:39 GMT
content-encoding: gzip
last-modified: Tue, 08 Feb 2022 16:28:24 GMT
server: AmazonS3
x-amz-request-id: 4BJ19C2JJ48RXWH7
etag: "26c7dc9b68de70333d7008e2370234cf"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=60154
accept-ranges: bytes
content-length: 106517
x-amz-id-2: TYnWyW+IfberknLkO8AqweXQfXscVr7YQneS75/d0IcCDvWxhOpT6C0h81kLO3OMh2yIxGtEwyM=

GET
H3 200 index.html Show response
s0.2mdn.net/11581985/1642030774101/ Frame A2F9 110 KB
22 KB 85ms
38ms Document
text/html 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/11581985/1642030774101/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c26b8bad9db974b743c9dffe78b1dcc93bff87eb414abd2b8d110b3280bbdca2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 22780
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Feb 2022 18:29:13 GMT
expires: Wed, 23 Feb 2022 18:29:13 GMT
cache-control: public, max-age=86400
age: 86246
last-modified: Wed, 12 Jan 2022 23:39:34 GMT
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 moatad.js Show response
z.moatads.com/goodway341003946512/ Frame 2D9F 311 KB
105 KB 18ms
18ms Script
application/x-javascript 184.87.213.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/goodway341003946512/moatad.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.87.213.172 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-213-172.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 1e638848d7db68fe47336fd80131e324ff4b5ae9b005e251c2bce43f1affc321

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 18:26:39 GMT
content-encoding: gzip
last-modified: Tue, 08 Feb 2022 16:28:24 GMT
server: AmazonS3
x-amz-request-id: 4BJ19C2JJ48RXWH7
etag: "26c7dc9b68de70333d7008e2370234cf"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=60154
accept-ranges: bytes
content-length: 106517
x-amz-id-2: TYnWyW+IfberknLkO8AqweXQfXscVr7YQneS75/d0IcCDvWxhOpT6C0h81kLO3OMh2yIxGtEwyM=

GET
H3 200 index.html Show response
s0.2mdn.net/11581985/1642030774101/ Frame 6C20 110 KB
22 KB 75ms
41ms Document
text/html 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/11581985/1642030774101/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c26b8bad9db974b743c9dffe78b1dcc93bff87eb414abd2b8d110b3280bbdca2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 22780
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Feb 2022 18:29:13 GMT
expires: Wed, 23 Feb 2022 18:29:13 GMT
cache-control: public, max-age=86400
age: 86246
last-modified: Wed, 12 Jan 2022 23:39:34 GMT
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Hujgl23SVzI3rZSj4hNxUITd7BayDnfI5D3l6J-e8FI.js Show response
pagead2.googlesyndication.com/bg/ Frame 1E72 35 KB
13 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Hujgl23SVzI3rZSj4hNxUITd7BayDnfI5D3l6J-e8FI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ee8e0976dd2573237ad94a3e213715084ddec16b20e77c8e43de5e89f9ef052

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 14:01:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15936
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13646
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Feb 2023 14:01:03 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1245 0
0 93ms
92ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022021701&jk=814577542946857&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 200 Hujgl23SVzI3rZSj4hNxUITd7BayDnfI5D3l6J-e8FI.js Show response
pagead2.googlesyndication.com/bg/ Frame EE00 35 KB
13 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Hujgl23SVzI3rZSj4hNxUITd7BayDnfI5D3l6J-e8FI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ee8e0976dd2573237ad94a3e213715084ddec16b20e77c8e43de5e89f9ef052

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 14:01:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15936
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13646
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Feb 2023 14:01:03 GMT

GET
H3 200 Hujgl23SVzI3rZSj4hNxUITd7BayDnfI5D3l6J-e8FI.js Show response
pagead2.googlesyndication.com/bg/ Frame FD27 35 KB
13 KB 60ms
58ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Hujgl23SVzI3rZSj4hNxUITd7BayDnfI5D3l6J-e8FI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ee8e0976dd2573237ad94a3e213715084ddec16b20e77c8e43de5e89f9ef052

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 14:01:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15936
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13646
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Feb 2023 14:01:03 GMT

POST
H/1.1 204
No Content /
02179913.akstat.io/ 0
354 B 36ms
21ms Ping
image/gif 2a02:26f0:7100:199::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://02179913.akstat.io/

Requested by

Host: c.go-mpulse.net
URL: https://c.go-mpulse.net/boomerang/YZ2TK-PC7PJ-K64DL-L53CR-P2G4E

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:7100:199::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Wed, 23 Feb 2022 18:26:39 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.zdnet.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-XSS-Protection: 0
Expires: Wed, 23 Feb 2022 18:26:39 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 18ms
17ms Image
image/gif 104.85.1.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=GOODWAY1&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=6&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1645640799556&de=270077423827&m=0&ar=944fd8091a1-clean&iw=74ec1ce&q=22&cb=0&ym=0&cu=1645640799556&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=11581985%3A27087047%3A518143862%3A164679749&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations%2F&id=1&ii=4&bo=7628188&bd=326145738&zMoatOrigSlicer1=7628188&zMoatOrigSlicer2=326145738&gw=goodway341003946512&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A406%3A406%3A1449%3A383&jm=-1&fs=196859&na=1160502883&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.1.154 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-1-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:39 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 23 Feb 2022 18:26:39 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A6D7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEACPRwSgg6ca3RR0Gx8zAYs&google_cver=1

43 B
1014 B

58ms
51ms

Image
image/gif

104.85.0.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEACPRwSgg6ca3RR0Gx8zAYs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQh8Wh4QEYnNTmvQEwAQ&v=APEucNU0uXFxiN1bopQPEjpQi_LUM53AuViMGKtHC_8t5lNtGnItp5lFvRewuCxCAIAn0WuknnnN9OKcw5pA2zCTHyu8zDWnGyzJf7weg9uOUMrA9O2R1R3yDkBfyHAfEHYvRbomJtJyY57lQHAkSks5uBeGURKwTA
Protocol: HTTP/1.1
Server: 104.85.0.246 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-0-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Feb 2022 18:26:39 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 23 Feb 2022 18:26:39 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:39 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEACPRwSgg6ca3RR0Gx8zAYs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A6D7
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YhZ8XwDrcEOJpIywHmrW1gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEACPRwSgg6ca3RR0Gx8zAYs&google_cver=1

43 B
1014 B

34ms
34ms

Image
image/gif

104.85.0.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEACPRwSgg6ca3RR0Gx8zAYs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQh8Wh4QEYnNTmvQEwAQ&v=APEucNU0uXFxiN1bopQPEjpQi_LUM53AuViMGKtHC_8t5lNtGnItp5lFvRewuCxCAIAn0WuknnnN9OKcw5pA2zCTHyu8zDWnGyzJf7weg9uOUMrA9O2R1R3yDkBfyHAfEHYvRbomJtJyY57lQHAkSks5uBeGURKwTA
Protocol: HTTP/1.1
Server: 104.85.0.246 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-0-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Feb 2022 18:26:40 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 23 Feb 2022 18:26:40 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:40 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEACPRwSgg6ca3RR0Gx8zAYs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame A6D7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEMDCumtqLmxXfjDuAoZ93FU&google_cver=1

43 B
1019 B

35ms
35ms

Image
image/gif

37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEMDCumtqLmxXfjDuAoZ93FU&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQh8Wh4QEYnNTmvQEwAQ&v=APEucNU0uXFxiN1bopQPEjpQi_LUM53AuViMGKtHC_8t5lNtGnItp5lFvRewuCxCAIAn0WuknnnN9OKcw5pA2zCTHyu8zDWnGyzJf7weg9uOUMrA9O2R1R3yDkBfyHAfEHYvRbomJtJyY57lQHAkSks5uBeGURKwTA

Protocol

HTTP/1.1

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Feb 2022 18:26:39 GMT
X-Proxy-Origin: 185.213.155.165; 185.213.155.165; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: c343ddca-bb66-4a60-b92f-7063c0d88443
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:39 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEMDCumtqLmxXfjDuAoZ93FU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A6D7
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTcyNDkwMTI3Mzk3NTI3NDgx

170 B
188 B

115ms
60ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTcyNDkwMTI3Mzk3NTI3NDgx

Requested by

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 23 Feb 2022 18:26:39 GMT
X-Proxy-Origin: 185.213.155.165; 185.213.155.165; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 425512ab-b019-4840-95f0-2dbd6b2c751b
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTcyNDkwMTI3Mzk3NTI3NDgx
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 18ms
18ms Image
image/gif 104.85.1.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=GOODWAY1&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=6&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1645640799574&de=753323461406&m=0&ar=944fd8091a1-clean&iw=74ec1ce&q=25&cb=0&ym=0&cu=1645640799574&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=11581985%3A27087047%3A518143862%3A164679749&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations%2F&id=1&ii=4&bo=7628188&bd=326145738&zMoatOrigSlicer1=7628188&zMoatOrigSlicer2=326145738&gw=goodway341003946512&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A406%3A406%3A1449%3A383&jm=-1&fs=196859&na=1556497777&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.1.154 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-1-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:39 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 23 Feb 2022 18:26:39 GMT

GET
H3 200 pubads_impl_2022021701.js Show response
securepubads.g.doubleclick.net/gpt/ Frame C5D4 363 KB
122 KB 40ms
40ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

80df80639eff50b28f33ab6354c5f7448973e4f47c47fe0c3813c7dea361a7c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 17:44:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2509
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124510
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 09:34:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 23 Feb 2023 17:44:50 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame A2F9 1 KB
902 B 152ms
54ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Red+Hat+Display:regular,700

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/11581985/1642030774101/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

55512fd4729d1dc0eaff22a32c9d3df4f92bddc8d176854930ead03810c56b9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 17:35:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 23 Feb 2022 18:26:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Feb 2022 18:26:39 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6C20 1 KB
473 B 131ms
55ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Red+Hat+Display:regular,700

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/11581985/1642030774101/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

55512fd4729d1dc0eaff22a32c9d3df4f92bddc8d176854930ead03810c56b9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 17:28:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 23 Feb 2022 18:26:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Feb 2022 18:26:39 GMT

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame A2F9 29 KB
10 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/11581985/1642030774101/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/11581985/1642030774101/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 06:12:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44034
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 24 Feb 2022 06:12:45 GMT

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 6C20 29 KB
10 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/11581985/1642030774101/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/11581985/1642030774101/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 06:12:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44034
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 24 Feb 2022 06:12:45 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame E374 106 KB
37 KB 87ms
37ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://01847585da75c10ab0b5882f9e077fa2.safeframe.googlesyndication.com/
Origin: https://01847585da75c10ab0b5882f9e077fa2.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 14:21:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14705
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 24 Feb 2022 14:21:34 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220217/r20110914/elements/html/ Frame E374 8 KB
3 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220217/r20110914/elements/html/omrhp.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://01847585da75c10ab0b5882f9e077fa2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 18:25:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 93
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Mar 2022 18:25:06 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220217/r20110914/ Frame E374 25 KB
9 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220217/r20110914/abg_lite.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d44b84e0471d9d1ac53ce061c9becfa720931b7364c7b55a6325d03859781782

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://01847585da75c10ab0b5882f9e077fa2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 18:26:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9648
x-xss-protection: 0
server: cafe
etag: 2224892065184813991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Mar 2022 18:26:20 GMT

GET
H2 200 pixel.gif
redventuresgamheader644747280705.s.moatpixel.com/ 43 B
260 B 84ms
20ms Image
image/gif 104.107.161.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamheader644747280705.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=13&fi=1&apd=25&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=5024496911&L2id=2870786075&L3id=5718138840&L4id=138352803033&S1id=aw-zdnet&S2id=security&ord=1645640798472&r=54227829076&t=meas&os=1&fi2=0&div1=0&ait=0&gpt_target_pos=nav&gpt_target_vguid=-&gpt_target_ptype=-&gpt_target_sl=nav-ad-plus-leader%3FT-1000&fullAdUnitPath=%2F22309610186%2Faw-zdnet%2Ftechnology%2Fsecurity&bedc=1&q=1&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.107.161.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-107-161-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:39 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 23 Feb 2022 18:26:39 GMT

GET
H2 200 pixel.gif
redventuresgamheader644747280705.s.moatpixel.com/ 43 B
260 B 85ms
22ms Image
image/gif 104.107.161.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamheader644747280705.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=13&fi=1&apd=25&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=5024496911&L2id=2870786075&L3id=5718138840&L4id=138352803033&S1id=aw-zdnet&S2id=security&ord=1645640798472&r=54227829076&t=fv&os=1&fi2=0&div1=0&ait=0&gpt_target_pos=nav&gpt_target_vguid=-&gpt_target_ptype=-&gpt_target_sl=nav-ad-plus-leader%3FT-1000&fullAdUnitPath=%2F22309610186%2Faw-zdnet%2Ftechnology%2Fsecurity&bedc=1&q=2&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.107.161.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-107-161-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:39 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 23 Feb 2022 18:26:39 GMT

GET
H2 200 pixel.gif
redventuresgamheader644747280705.s.moatpixel.com/ 43 B
260 B 86ms
22ms Image
image/gif 104.107.161.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamheader644747280705.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=13&fi=1&apd=25&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=5024496911&L2id=2870786075&L3id=5718138840&L4id=138352803033&S1id=aw-zdnet&S2id=security&ord=1645640798472&r=54227829076&t=nht&os=1&fi2=0&div1=0&ait=0&gpt_target_pos=nav&gpt_target_vguid=-&gpt_target_ptype=-&gpt_target_sl=nav-ad-plus-leader%3FT-1000&fullAdUnitPath=%2F22309610186%2Faw-zdnet%2Ftechnology%2Fsecurity&bedc=1&q=3&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.107.161.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-107-161-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:39 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 23 Feb 2022 18:26:39 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 16ms
15ms Image
image/gif 104.85.1.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatAdUnit1=aw-zdnet&zMoatAdUnit2=technology&zMoatAdUnit3=security&wf=1&ra=3&sgs=3&vb=6&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2F01847585da75c10ab0b5882f9e077fa2.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&i=REDVENTURES_GAM_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Fd%2BHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-axhMBihjE1CFgA%3D%3D&sc=1&os=1-JA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&zMoatpos=nav&zMoatvguid=-&zMoatptype=-&zMoatsl=nav-ad-plus-leader%3FT-1000&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&rm=1&fy=436&gp=5&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations%2F&id=1&ii=4&f=0&j=&t=1645640798472&de=54227829076&rx=152868440540&cu=1645640798472&m=1329&ar=64537839394-clean&iw=2e8829d&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=5&lb=3751&le=1&lf=239&lg=1&lh=10&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A406%3A406%3A1449%3A383&as=0&ag=13&an=0&gf=13&gg=0&ix=13&ic=13&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=13&bx=0&dj=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=25&cd=0&ah=25&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5024496911%3A2870786075%3A5718138840%3A138352803033&bo=aw-zdnet&bd=security&gw=redventuresgamheader644747280705&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&zMoatAType=content_article&zMoatTest=zdnet&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&jk=3&jm=-1&tc=0&fs=197205&na=477425631&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.1.154 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-1-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:39 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 23 Feb 2022 18:26:39 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame C5D4 107 B
122 B 65ms
64ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.zdnet.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 23 Feb 2022 18:26:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame C5D4 107 B
122 B 59ms
59ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.zdnet.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 23 Feb 2022 18:26:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C5D4 0
20 B 74ms
74ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sra_setclickurl&pvsid=567009674538603&lenfreqs=449%3A1&vrg=2022021701&nw_id=22309610186&nslots=1&eid=31061815%2C44756895%2C44756896&pub_url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations%2F

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame C5D4 29 KB
12 KB 104ms
104ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=567009674538603&correlator=929936139368759&output=ldjh&impl=fif&eid=31061815%2C44756895%2C44756896&vrg=2022021701&ptt=17&sc=1&sfv=1-0-38&ecs=20220223&iu_parts=22309610186%2Caw-rv%2Civt&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssFvC6sqXxferGR94RJBZWN_jasXjFu25JVZpNBrrkQnSE3VCyZGcePlhOrY69fUtUyvQuImV9KdTMd-ZAVD_wol518PlX1d6LfWR7A2qABkSpTYb8S5KFGfbzr2KYDxeDFr_b7iicK23fn0UpEJBlWjAlncm3N1OLwpgYQXmoJaltJqG-AWbduQ0wMdey8wBdFx8ZudsKpbU8lGFOl2kBWUm97PRQbaXBv74bwUPMD-iVhSE17y4wDVBJL34GMvaO0Mnqa2SMrpSlCe-sgMY8Lypgkikb_5ED3cHzddvHM7vObjyoKDkDKE_36rgprZHBG21nfoPM%26sig%3DCg0ArKJSzJxAmDvkO7NdEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&prev_scp=campaign%3D5677026463&cookie=ID%3D81a39bf292fe7282-22ecf5ca4acd0027%3AT%3D1645640798%3AS%3DALNI_MaOZwMipzIsIejDRA0XKlVNLaXgYA&cdm=www.zdnet.com&bc=31&abxe=1&dt=1645640799835&lmt=1645640799&dlt=1645640799177&idt=649&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=2&adxs=1050&adys=1630&adks=1319207525&ucis=yxy7wipbay9x&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&nhd=1&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations%2F&top=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations%2F&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=300x0&ga_vid=1516308267.1645640800&ga_sid=1645640800&ga_hid=2110232242&ga_fc=false&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

20dbfa98265fd196038a8e09c01d713520f750afca175225abae45367be17d90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 18:26:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12469
x-xss-protection: 0
google-lineitem-id: 5677026463
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138355023537
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.zdnet.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
d86fbcb09213a5e4a283a0278b26b5b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D754 6 KB
3 KB 70ms
54ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d86fbcb09213a5e4a283a0278b26b5b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 23 Feb 2022 18:26:39 GMT
expires: Thu, 23 Feb 2023 18:26:39 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 8vIQ7wUr0m80wwYf0QCXZzYzUoTg_T6h.woff2
fonts.gstatic.com/s/redhatdisplay/v11/ Frame A2F9 29 KB
30 KB 129ms
37ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/redhatdisplay/v11/8vIQ7wUr0m80wwYf0QCXZzYzUoTg_T6h.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Red+Hat+Display:regular,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01c254205edb3dab76d3bcdb9e37fc8687db6fb61d266cbba48a346290969070

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 02:09:34 GMT
x-content-type-options: nosniff
age: 577025
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29592
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:41:38 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 17 Feb 2023 02:09:34 GMT

GET
H2 200 8vIQ7wUr0m80wwYf0QCXZzYzUoTg_T6h.woff2
fonts.gstatic.com/s/redhatdisplay/v11/ Frame 6C20 29 KB
29 KB 164ms
77ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/redhatdisplay/v11/8vIQ7wUr0m80wwYf0QCXZzYzUoTg_T6h.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Red+Hat+Display:regular,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01c254205edb3dab76d3bcdb9e37fc8687db6fb61d266cbba48a346290969070

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 02:09:34 GMT
x-content-type-options: nosniff
age: 577025
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29592
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:41:38 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 17 Feb 2023 02:09:34 GMT

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 29ms
20ms Image
image/gif 104.107.161.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=50&fi=1&apd=100&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=5119226536&L2id=2971103685&L3id=5893577926&L4id=138379103758&S1id=22308610192&S2id=22654085702&ord=1645640799349&r=699476313125&t=meas&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=8f142a81-aa57-46b5-a511-4b5255ba16a8&zMoatCURL=zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations&zMoatPS=top&zMoatPT=article&zMoatSL=mpu-plus-top%3FLL%7CT-1000&moatClientSlicer3=0&m_ltype=direct&bedc=1&q=1&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.107.161.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-107-161-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:39 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 23 Feb 2022 18:26:39 GMT

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 26ms
19ms Image
image/gif 104.107.161.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=50&fi=1&apd=100&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=5119226536&L2id=2971103685&L3id=5893577926&L4id=138379103758&S1id=22308610192&S2id=22654085702&ord=1645640799349&r=699476313125&t=fv&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=8f142a81-aa57-46b5-a511-4b5255ba16a8&zMoatCURL=zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations&zMoatPS=top&zMoatPT=article&zMoatSL=mpu-plus-top%3FLL%7CT-1000&moatClientSlicer3=0&m_ltype=direct&bedc=1&q=2&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.107.161.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-107-161-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:39 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 23 Feb 2022 18:26:39 GMT

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 27ms
19ms Image
image/gif 104.107.161.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=50&fi=1&apd=100&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=5119226536&L2id=2971103685&L3id=5893577926&L4id=138379103758&S1id=22308610192&S2id=22654085702&ord=1645640799349&r=699476313125&t=nht&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=8f142a81-aa57-46b5-a511-4b5255ba16a8&zMoatCURL=zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations&zMoatPS=top&zMoatPT=article&zMoatSL=mpu-plus-top%3FLL%7CT-1000&moatClientSlicer3=0&m_ltype=direct&bedc=1&q=3&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.107.161.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-107-161-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:39 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 23 Feb 2022 18:26:39 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 16ms
16ms Image
image/gif 104.85.1.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22654085702&bd=undefined&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=top&zMoatSZPS=300x250%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&vb=6&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fs0.2mdn.net%2F11581985%2F1642030774101%2Findex.html&i=REDVENTURES_GAM_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Fd%2BHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-axhMBihjE1CFgA%3D%3D&sc=1&os=1-JA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations%2F&id=1&ii=4&f=0&j=&t=1645640799349&de=699476313125&cu=1645640799349&m=565&ar=64537839394-clean&iw=38967c59&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3751&le=1&lf=0&lg=1&lh=26&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A406%3A406%3A1449%3A383&as=0&ag=50&an=0&gf=50&gg=0&ix=50&ic=50&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=50&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=100&cd=0&ah=100&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5119226536%3A2971103685%3A5893577926%3A138379103758&gw=redventuresgamdisplay60805146916&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22654085702&dfp=0%2C1&la=22654085702&zMoatW=300&zMoatH=250&zMoatVGUID=8f142a81-aa57-46b5-a511-4b5255ba16a8&zMoatSN=a&zMoatSL=mpu-plus-top%3FLL%7CT-1000&zMoatMMV=waiting&zMoatMMV_MAX=waiting&zMoatMGV=waiting&zMoatMSafety=waiting&zMoatMData=waiting&zMoatSlotId=mpu-plus-top&zMoatCURL=zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations&zMoatDev=Desktop&zMoatDfpSlotId=mpu-plus-top&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jk=3&jm=-1&tz=mpu-plus-top&iq=waiting&tt=waiting&tu=waiting&tp=waiting&tc=0&fs=197205&na=477780665&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.1.154 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-1-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:39 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 23 Feb 2022 18:26:39 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/10113551157518786109/ Frame D9D2 4 KB
2 KB 39ms
37ms Document
text/html 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10113551157518786109/index.html

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68c74f997015e5f4909ac3f793dd3c8c0d71587ce9acee281b3ae9decda87814

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://01847585da75c10ab0b5882f9e077fa2.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 1549
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Tue, 22 Feb 2022 17:20:42 GMT
expires: Wed, 22 Feb 2023 17:20:42 GMT
cache-control: public, max-age=31536000
age: 90357
last-modified: Mon, 28 Jun 2021 13:19:38 GMT
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame E374 0
24 B 164ms
114ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvaXgRIXCi7U3cpJDzwpOPZ1h1fkWuMJFcm2fvvmG3rVOZwfWZcQdlZpSAVf-lvDDhJHQ7b3Z92tsBHB7115nQOAJ_j_v3-PSA5WuiKm_eHY3oSaRTJ5N9pVqDJ-RW1vVe9bqCWUyMhti7KsvexDrlFbaRjDHNVrmkLEta0R0CUyMCamRyO3p6ri73l7U7zjKhOGHwU2g3djfxADAzmea0_nS1Im7BxSINWJCV_O5mJNZl09D1VrdQCaf2c93_QQw_iq0xpxUvhwToCvbVgTNcEn8BjCZy1oz2Omc8EJXv3Hvt5e72YOYSOJntxH-jjJfmkRJh3uFhUPOspo51hu6VkgGBRkdsB2YNI7tX62fbmS7wpV0_dl4KUBIrr6226NeZZHdQ5Z1eFO7hXCTVYV0v2Ur7gx-EyHuV77Wbdxnaw-bfyVGiCTZzoEoMRqPBTcdCvdWUNUXCY4J7WweM_VzjYMD6T43JGXdVoPkwSocL7irgKvXpluZxcBO-W8sGkcTSjTrVlPg_IO98HD88YfPZ-xZ2fUyJ9nCNEf0QqhYJdi8idc8KQ5DNgW3zOV7xLB5byHkhYBwpLFHnVG5gs_TufQDlGIuclOUHS5Va2YUPf27EwX8yAsffWresX8nsIewLLyS89-AtfnNqEDUJBdhetatq9ec-yV3L8kKHyVJVKoxNrXU207S88ug4pTm6CqXUgE4H4-R_16m91q78GCRYEL20SSfL4LF99ANyz0_EL4FdzHnPtjq2WkRsBzEtia0-6PDuqCn9ysO9_i7JJdkcZMbdWla87mPj1PFWFApWQhX0x47JGs9MHIYAxser8uxb3n_TSOZDr1CcUeHKPsJjXttIYmSrxsJWrWpJC4gkrICXAjeNqO0mFlu3Q70VkHs7r_kSbfSPucBFgnzgU68OBbnmrYgxqM2gm-1HXSHiH1OSV_ZQtWRJculAjU3QuqKPO3kBxRk6-vVKMczswr2QWAsDaSkQqIiq3uOoX7y3yE38mmnjvJbtDCSXaQeAjo2hfY5gf5xOYqzLTEttc10MCyC38EMafuGXDgrVBsB5I7Hzw3q2RtEb8vMIJkZxYSSfHDNNki01y7Xn0wOngrQm_9yOtnpDQcL6ZM2NkR2YDObmNfOhnNc5YcphLAUYNJvQjRbaCNIQnOslfZdRLcEqxxjAuWPk&sai=AMfl-YRvL88tLt18yfBhsR2ScFfKegDgzUB935YFzOGcKdGRm0So5ouPmiitSgpzXqwVqlyh-v2MSMdYsH6ymksd6SVoQR5SIBQ5v__zD65wvxL_KivsN4LOYc0o9ocyfRDAu5lsihBbRtLkFBJfYXj_MK5jA6CzVvoQ4qPj2bc&sig=Cg0ArKJSzFV_dVIL1fjlEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=222&cbvp=1&cstd=219&cisv=r20220217.21947&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://01847585da75c10ab0b5882f9e077fa2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Wed, 23 Feb 2022 18:26:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame E374 41 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://01847585da75c10ab0b5882f9e077fa2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 11:03:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26566
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Feb 2023 11:03:54 GMT

GET
DATA 200
OK truncated
/ Frame E374 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b61c6d0eab48f8228bb5336346cad254eafd45a43b1a8976c2d73f7df8d0d8cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 35B4 0
0 87ms
87ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst84AyEQrTUXQ6QYfwQTZsO7W3-o9U8WBmJAVR2FYpqqSrVsv_Qt9C649keW7aWKXO0GRk1lePalnwAJSUMV6upi7vI4_Oj1-YnCLEMvnzu0kxhM1OfV0N1o34uN0kp6J2WZ23HG-FT5A5ikSA-4aIaPUrVjZNGt1agyoMHNgfHxb6rzqzohL7y0kZ9gbiMBF0GK78gE_h4_2QLochej6oKFazBfwRl9rhL6ff0nCOsWfsbZcjm3wtM5l1lpi9zODMDVKxVECG1t1pJmjFoGA-TDJngxh29pmmbuktE8r-yQ6fCYcRodg&sig=Cg0ArKJSzNP3NelWiwT4EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 23 Feb 2022 18:26:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220217/r20110914/client/ Frame 35B4 2 KB
1 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220217/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 17:53:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1970
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Mar 2022 17:53:50 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 35B4 124 KB
38 KB 95ms
95ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 18:26:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38723
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1645015031201889"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 23 Feb 2022 18:26:40 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 35B4 0
0 108ms
55ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTg8Yp4etcZajezeb5a52mFi5CnitLpa4XJ83GE9rXcyL0dJwC3HzkHWHZyxPOwEJICOmLVcGnTnCOB5Ie-DfPJmzp76w
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2 200 moatad.js Show response
z.moatads.com/redventuresgamdisplay60805146916/ Frame 35B4 336 KB
113 KB 52ms
46ms Script
application/x-javascript 184.87.213.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/redventuresgamdisplay60805146916/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.87.213.172 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-213-172.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 37b3ebaceec5f1a6d14f250f18f81205aedfe32413b0b1656cc830c19e617a00

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 18:26:40 GMT
content-encoding: gzip
last-modified: Tue, 22 Feb 2022 20:14:25 GMT
server: AmazonS3
x-amz-request-id: MCDWDGE9AV388BBY
etag: "5d9049e5e983f5f62c14b53a1badba66"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=44948
accept-ranges: bytes
content-length: 114728
x-amz-id-2: 1jNnGvhKb3VxuR5thSSUV00Jf7T7R/xI3pu9p4F2o9YSsZ+VjhMazM7QBi4ng5RV4WJ+WL6JkI8=

GET
H3 200 16181266791146063110
tpc.googlesyndication.com/simgad/ Frame 35B4 17 KB
17 KB 42ms
37ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16181266791146063110

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb3661ac37cbb213b64eb600c7c30da647babd9a2b2ffdbe5f30830fcebe2cc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 18:26:05 GMT
x-content-type-options: nosniff
age: 35
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17729
x-xss-protection: 0
last-modified: Thu, 01 Jul 2021 21:34:20 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/content-ads-owners
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 23 Feb 2023 18:26:05 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1E72 0
9 B 47ms
47ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?OKlu0A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 18:26:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 pixel.gif
redventuresgamheader644747280705.s.moatpixel.com/ 43 B
260 B 30ms
29ms Image
image/gif 104.107.161.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamheader644747280705.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=302&fi=1&apd=314&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=5024496911&L2id=2870786075&L3id=5718138840&L4id=138352803033&S1id=aw-zdnet&S2id=security&ord=1645640798472&r=54227829076&t=hdn&os=1&fi2=0&div1=0&ait=0&gpt_target_pos=nav&gpt_target_vguid=-&gpt_target_ptype=-&gpt_target_sl=nav-ad-plus-leader%3FT-1000&fullAdUnitPath=%2F22309610186%2Faw-zdnet%2Ftechnology%2Fsecurity&bedc=1&q=4&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.107.161.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-107-161-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:40 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 23 Feb 2022 18:26:40 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F1EF 0
0 80ms
80ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuX6glxExBfs6CJGReXFBJZ2HpVoEe13HBCH4028G4jjUFdn4PBKKDrAd6yKjYDpEVrv-uhbgGXA-7Vycq4YZnAuNvvtPkdWoLi87dPp9PlOZaUqT2kAqHQDKM0yEaHwB-RKOIHnj31j5j17xCMbt8b4yC8ivi729f603omYP7PSmC-5Mz1EzdbP7NM5TL0ujtfCsw9yAuOAXRhncM6slSdCtH6JQ4_GXyXbNBVUibaWbWJXyaEwk-lDwezAujoHmJti0CzDBTyn92tmNCfuU_CcfoiwLD4STLHFMCnBVTbKoeDbvdTpV24-4fB7S4QaOwryCCUO8LRV4xepCk27tw&sai=AMfl-YQWuJwLuEjRk86QZonxyX9KfvpivZnxkVoafWk0eHKUWp-mK9rq8JuhkTXC8KiAT6oxurkSzyqdYsuIhpchaPbsuQstgRZJDUA0IRglWX-LOHbiphgQOPD-s0pD1axC&sig=Cg0ArKJSzN310o5ZlS6rEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 23 Feb 2022 18:26:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 23 Feb 2022 18:26:40 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2D9F 0
0 76ms
75ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvhio22MC2PHU7WLGjv62K0eXLO9lbGBwZo3SlQ3H6x1dqbRh9uSAFerWOiB4ImAnD9d0ZAu_z3myksQgYM0IfvGVhslmG1vlDqLkxOJd5KTsQzLgkMHRvPEULKBH9CWnXtvhtG7wHxHzc2i73iFvAp4JNesHvctsfX5KIxeN_efUGE9gqthVK-D2Qjp0J7Ww9MD5uvephUa2ppGeicRIPFVJfkiWwjgHc26j82PtkCo_nb7yUF2dVh0wABybn3iLlDNI8vZRGx2Lfk1Ykeej-hkBX4hFRWa3dln1-72EGsbmrRM7XDDwwTgNzbqvsNuuE5TPKtE6A8BtPV6XUj_3s&sai=AMfl-YQjI_-N1MUL37CFYu1MDN0npp3fkNcjrgAP-i8i_S2pxXvy_HO8HpLEfPu4xmk_nzcsAH-ICbZ6Kvfbg3oIM2xL7SsKwtOh82lpSRSSsgHBe7DgO0V2X7xJwDEgWX-H&sig=Cg0ArKJSzJEBDZErwvsjEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 23 Feb 2022 18:26:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 23 Feb 2022 18:26:40 GMT

GET
H3 200 Trellix_LOGO_F_BW_White.png
s0.2mdn.net/11581985/1642030774101/ Frame A2F9 6 KB
6 KB 47ms
45ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/11581985/1642030774101/Trellix_LOGO_F_BW_White.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e11aa620f3a3d4eaa3c74339edb5885972f7c031dc83e92073bb4d91af311a02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/11581985/1642030774101/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 18:28:41 GMT
x-content-type-options: nosniff
age: 86279
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6550
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 23:39:34 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 23 Feb 2022 18:28:41 GMT

GET
H3 200 Gradient-Pool-01.svg
s0.2mdn.net/11581985/1642030774101/ Frame A2F9 61 KB
23 KB 48ms
46ms Image
image/svg+xml 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/11581985/1642030774101/Gradient-Pool-01.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e485e709a41704ecb4f5c7b8a43b79f8fae9eb048257b50accfc9c9e20838816

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/11581985/1642030774101/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 16:39:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6428
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23893
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 23:39:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 24 Feb 2022 16:39:32 GMT

GET
H3 200 Gradient-bg.jpg
s0.2mdn.net/11581985/1642030774101/ Frame A2F9 18 KB
18 KB 55ms
53ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/11581985/1642030774101/Gradient-bg.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

562ec00fa7e1a22ed4ef64be7f21657b69451746bf5b0be7ba8f1da330ca1c1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/11581985/1642030774101/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 18:28:41 GMT
x-content-type-options: nosniff
age: 86279
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18550
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 23:39:34 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 23 Feb 2022 18:28:41 GMT

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 39ms
23ms Image
image/gif 104.107.161.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=19&fi=0&apd=38&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=5119226536&L2id=2971103685&L3id=5893577926&L4id=138379103758&S1id=22308610192&S2id=22654085702&ord=1645640799466&r=502470418992&t=meas&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=8f142a81-aa57-46b5-a511-4b5255ba16a8&zMoatCURL=zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations&zMoatPS=middle&zMoatPT=article&zMoatSL=mpu-middle%3FLL%7CT-1000&moatClientSlicer3=0&m_ltype=direct&bedc=1&q=1&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.107.161.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-107-161-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:40 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 23 Feb 2022 18:26:40 GMT

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 42ms
26ms Image
image/gif 104.107.161.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=19&fi=0&apd=38&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=5119226536&L2id=2971103685&L3id=5893577926&L4id=138379103758&S1id=22308610192&S2id=22654085702&ord=1645640799466&r=502470418992&t=nht&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=8f142a81-aa57-46b5-a511-4b5255ba16a8&zMoatCURL=zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations&zMoatPS=middle&zMoatPT=article&zMoatSL=mpu-middle%3FLL%7CT-1000&moatClientSlicer3=0&m_ltype=direct&bedc=1&q=2&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.107.161.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-107-161-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:40 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 23 Feb 2022 18:26:40 GMT

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 41ms
25ms Image
image/gif 104.107.161.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=273&fi=1&apd=323&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=5119226536&L2id=2971103685&L3id=5893577926&L4id=138379103758&S1id=22308610192&S2id=22654085702&ord=1645640799349&r=699476313125&t=hdn&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=8f142a81-aa57-46b5-a511-4b5255ba16a8&zMoatCURL=zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations&zMoatPS=top&zMoatPT=article&zMoatSL=mpu-plus-top%3FLL%7CT-1000&moatClientSlicer3=0&m_ltype=direct&bedc=1&q=4&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.107.161.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-107-161-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:40 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 23 Feb 2022 18:26:40 GMT

GET
H3 200 Trellix_LOGO_F_BW_White.png
s0.2mdn.net/11581985/1642030774101/ Frame 6C20 6 KB
6 KB 43ms
37ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/11581985/1642030774101/Trellix_LOGO_F_BW_White.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/11581985/1642030774101/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e11aa620f3a3d4eaa3c74339edb5885972f7c031dc83e92073bb4d91af311a02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/11581985/1642030774101/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 18:28:41 GMT
x-content-type-options: nosniff
age: 86279
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6550
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 23:39:34 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 23 Feb 2022 18:28:41 GMT

GET
H3 200 Gradient-Pool-01.svg
s0.2mdn.net/11581985/1642030774101/ Frame 6C20 61 KB
23 KB 41ms
37ms Image
image/svg+xml 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/11581985/1642030774101/Gradient-Pool-01.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/11581985/1642030774101/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e485e709a41704ecb4f5c7b8a43b79f8fae9eb048257b50accfc9c9e20838816

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/11581985/1642030774101/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 16:39:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6428
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23893
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 23:39:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 24 Feb 2022 16:39:32 GMT

GET
H3 200 Gradient-bg.jpg
s0.2mdn.net/11581985/1642030774101/ Frame 6C20 18 KB
18 KB 47ms
42ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/11581985/1642030774101/Gradient-bg.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/11581985/1642030774101/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

562ec00fa7e1a22ed4ef64be7f21657b69451746bf5b0be7ba8f1da330ca1c1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/11581985/1642030774101/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 18:28:41 GMT
x-content-type-options: nosniff
age: 86279
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18550
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 23:39:34 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 23 Feb 2022 18:28:41 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 30ms
23ms Image
image/gif 104.85.1.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22654085702&bd=undefined&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=middle&zMoatSZPS=300x250%20%7C%20middle&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&vb=6&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fs0.2mdn.net%2F11581985%2F1642030774101%2Findex.html&i=REDVENTURES_GAM_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Fd%2BHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-axhMBihjE1CFgA%3D%3D&sc=1&os=1-JA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations%2F&id=1&ii=4&f=0&j=&t=1645640799466&de=502470418992&cu=1645640799466&m=659&ar=64537839394-clean&iw=38967c59&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3691&le=1&lf=0&lg=1&lh=18&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=55&vx=55%3A-%3A-&pe=1%3A406%3A406%3A1449%3A383&as=0&ag=19&an=0&gf=0&gg=0&ix=0&ic=0&ez=1&aj=1&pg=55&pf=0&ib=1&cc=0&bw=19&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=38&cd=0&ah=38&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5119226536%3A2971103685%3A5893577926%3A138379103758&gw=redventuresgamdisplay60805146916&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22654085702&dfp=0%2C1&la=22654085702&zMoatW=300&zMoatH=250&zMoatVGUID=8f142a81-aa57-46b5-a511-4b5255ba16a8&zMoatSN=a&zMoatSL=mpu-middle%3FLL%7CT-1000&zMoatMMV=waiting&zMoatMMV_MAX=waiting&zMoatMGV=waiting&zMoatMSafety=waiting&zMoatMData=waiting&zMoatSlotId=mpu-middle&zMoatCURL=zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations&zMoatDev=Desktop&zMoatDfpSlotId=mpu-middle&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&ti=0&ih=1&jk=2&jm=-1&tz=mpu-middle&iq=waiting&tt=waiting&tu=waiting&tp=waiting&tc=0&fs=197205&na=546283383&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.1.154 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-1-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:40 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 23 Feb 2022 18:26:40 GMT

GET
H3 200 bannerify.css
s0.2mdn.net/sadbundle/10113551157518786109/ Frame D9D2 2 KB
666 B 48ms
47ms Stylesheet
text/css 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10113551157518786109/bannerify.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10113551157518786109/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1c0dcd4b55543761efc3938f9629dff76dadbd325d991207ff5e4c4acc569c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10113551157518786109/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 17:20:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 90358
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 637
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 13:19:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Feb 2023 17:20:42 GMT

GET
H3 200 shopify-plus-logo_442000690.svg
s0.2mdn.net/sadbundle/10113551157518786109/images/ Frame D9D2 5 KB
3 KB 49ms
48ms Image
image/svg+xml 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10113551157518786109/images/shopify-plus-logo_442000690.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10113551157518786109/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21b9ea78297afce3e74a7b83d33b9d076391d88b4f87e81ed8748d893f1061eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10113551157518786109/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 17:20:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 90358
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2612
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 13:19:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Feb 2023 17:20:42 GMT

GET
H3 200 learn-more_997022438.svg
s0.2mdn.net/sadbundle/10113551157518786109/images/ Frame D9D2 3 KB
999 B 53ms
52ms Image
image/svg+xml 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10113551157518786109/images/learn-more_997022438.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10113551157518786109/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00d926e9c5723dfe924fcaecc5f2e1c019eeaf6a492c6cdb99fafbe3b79bed0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10113551157518786109/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 17:20:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 90358
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 970
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 13:19:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Feb 2023 17:20:42 GMT

GET
H3 200 heinz-went-direct-to-consumer-in-7-days_976537058.svg
s0.2mdn.net/sadbundle/10113551157518786109/images/ Frame D9D2 24 KB
4 KB 74ms
73ms Image
image/svg+xml 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10113551157518786109/images/heinz-went-direct-to-consumer-in-7-days_976537058.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10113551157518786109/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba69d3ef83d19bf1c7aa193c305b7f413d46d5a7e60e8d8d23f2ab38d14a071b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10113551157518786109/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 17:20:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 90358
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3587
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 13:19:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Feb 2023 17:20:42 GMT

GET
H3 200 bannerify.js Show response
s0.2mdn.net/sadbundle/10113551157518786109/ Frame D9D2 843 B
408 B 53ms
53ms Script
application/x-javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10113551157518786109/bannerify.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10113551157518786109/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e21374e28af917d507a00214c9c6a17242e1205793510f7f112b21b56b8d1ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10113551157518786109/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 17:20:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 90358
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 13:19:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Feb 2023 17:20:42 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8087 22 KB
8 KB 52ms
51ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://01847585da75c10ab0b5882f9e077fa2.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Feb 2022 11:03:55 GMT
expires: Thu, 23 Feb 2023 11:03:55 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 26565
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 35B4 0
0 85ms
84ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuWGbPkGTxU6XqlgQqUXfK4Womf_9KLuoOse7LwBXg3dW7ZWE8OY7zh218KfaCOhmd8g67_9Q7OpKqF5VmJKONDnuCTprfR58eEH3aT7zejR_rZYjFnN0EdeEFyi040B9daRJPb8k0BY2-mYH38Awn5BG0I02D2tVCl3sBoZAHGZclldk6butbpbMpeXsmBXQNHwxQVm_yufqN4xIl4OSwD299GCs8SJ-_-IZdi5JEwbRbCojJtoqd4Fmfuvvb9-G_q4tgsUSodGH-hR6g-4xVn2y8NMVf8ezCDpQ_42Dd1C4Ws_n6OpQ6I&sig=Cg0ArKJSzAWzhFeRtPn7EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 23 Feb 2022 18:26:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 23 Feb 2022 18:26:40 GMT

GET
DATA 200
OK truncated
/ Frame 35B4 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8a408c0699db7168c60ec228474b529a1ced78d15b3704d1c2c1eb012dc59581

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 31ms
30ms Image
image/gif 104.85.1.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=6&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fs0.2mdn.net%2F11581985%2F1642030774101%2Findex.html&i=GOODWAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Fd%2BHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-axhMBihjE1CFgA%3D%3D&sc=1&os=1-JA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations%2F&id=1&ii=4&f=0&j=&t=1645640799556&de=270077423827&cu=1645640799556&m=627&ar=944fd8091a1-clean&iw=74ec1ce&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3671&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A406%3A406%3A1449%3A383&as=0&ag=22&an=0&gf=22&gg=0&ix=22&ic=22&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=22&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=44&cd=0&ah=44&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=11581985%3A27087047%3A518143862%3A164679749&bo=7628188&bd=326145738&gw=goodway341003946512&zMoatOrigSlicer1=7628188&zMoatOrigSlicer2=326145738&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jm=-1&tc=0&fs=196859&na=1988011693&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.1.154 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-1-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:40 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 23 Feb 2022 18:26:40 GMT

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 30ms
28ms Image
image/gif 104.107.161.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=6&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=5009920773&L2id=2848205265&L3id=5677026463&L4id=138355023537&S1id=22308610192&S2id=22383746382&ord=1645640800311&r=743585533397&t=meas&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=&zMoatCURL=zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations&zMoatPS=&zMoatPT=&zMoatSL=&moatClientSlicer3=0&m_ltype=direct&bedc=1&q=1&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.107.161.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-107-161-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:40 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 23 Feb 2022 18:26:40 GMT

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 32ms
31ms Image
image/gif 104.107.161.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=6&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=5009920773&L2id=2848205265&L3id=5677026463&L4id=138355023537&S1id=22308610192&S2id=22383746382&ord=1645640800311&r=743585533397&t=nht&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=&zMoatCURL=zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations&zMoatPS=&zMoatPT=&zMoatSL=&moatClientSlicer3=0&m_ltype=direct&bedc=1&q=2&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.107.161.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-107-161-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:40 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 23 Feb 2022 18:26:40 GMT

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 32ms
31ms Image
image/gif 104.107.161.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=237&fi=0&apd=256&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=5119226536&L2id=2971103685&L3id=5893577926&L4id=138379103758&S1id=22308610192&S2id=22654085702&ord=1645640799466&r=502470418992&t=hdn&os=1&fi2=0&div1=0&ait=109&zMoatVGUID=8f142a81-aa57-46b5-a511-4b5255ba16a8&zMoatCURL=zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations&zMoatPS=middle&zMoatPT=article&zMoatSL=mpu-middle%3FLL%7CT-1000&moatClientSlicer3=0&m_ltype=direct&bedc=1&q=3&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.107.161.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-107-161-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:40 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 23 Feb 2022 18:26:40 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C5D4 0
0 108ms
105ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssO5_zDw6M5l46avmb-FkO-2I77LrUcDaBL1W0wpHxpb6SvkFZ56wiZDdbxd1h0_k_WAaRUQa6MecxBHWbkv7HcU9q12crVzKfr_6XdqPlFV7NyirLb0HjQWHfk5lfCkfSqzrI8zzaGCFRY-DQp6QWOQu1MGPR2emhpaMSaRFEfOUSDZxSP3JKgUuf73j-v79v7boMKRdqG_ZDpKiEJ56MriEwLU_suSO91kGr6-SPRF0iNnPMhl1aljr6s4X0maR8O1EVdAKwLlR1pe7YAocSAQ5rSnQ7gL6GDUOY8NfX5itvsQy47prMAw_mcGhdHOlT1igbcLvj1jyD_Ug&sig=Cg0ArKJSzH8DoiwVRsrUEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 23 Feb 2022 18:26:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 23 Feb 2022 18:26:40 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C5D4 13 KB
10 KB 187ms
110ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022021701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a8dfc2b478db541200122973cc2f9a95629db3db0348a04f46bd76e35750fff1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 23 Feb 2022 18:26:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9749
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 113ms
112ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022021701&jk=814577542946857&bg=!KSqlKm7NAAbf-5Dq3_s7ACkAdvg8WsfFsDiYX_baTUP-SCtfKDliJh_t0FctqTviLPnNjYYgHaIgZQIAAAJLUgAAAAFoAQcKALFt-saN18W6Hy65hxaOxbOFyzlHrWMfWg-PPC13xpj66wO29nHd3cCyRntpNmcpwrvjX0DPu9kkOBRGTlESd41xzeibwFH59-_6oGhakLMe8rcCNSKpeJ6lNct8w4GZrwpyMH3DccfIwc1RNAVSli6hBld-K4SdUmnLsy-Asrlj0tvrt1HBo_3f4O0BL3YQkAoRAFXsfYf9EXhEj2Yj-ZU_W95mFCKWBX1iQPrDT1JBwcuZAr7r2X6hJ7J2wkgqt8m5rTNqsZWNGZVQooIN4-rYZ05-bJEuNFo2aKyjax4uUeRJRx_xFz_cdNgqJtmyppN0mHKI5bsOkILgof2qTLOUE_ZREOyX3Lv2eYyZWp57GD5_UkJDkp5d6mPe3bw-3arPUeKx6Ikh_HJk6tI9ebrGDqZDSEW14hiJuiRCRPzrY2bZ0JZwvXO1dVgM_fe05cx03YuI5NET4yV8z1EfCFx5Es651AX1MKNJhB0XE9hxLVNghIqFOCmwgM5HrtONp0zybv2JaZpI3KRU3KjckPyocUF088CDrnSCnWLPiqOtZFGyJqkt3MGbNRIVLnLziwMYWAmT5TezV9lhbLrcuPalrW0x0j-qnH2VjtsqLFS5d7SKq-dqU-cndnrvEug9xwRP07xeZGfp1PPpA8OOcI7XZoKGMtbC1It-yDCswIWI-vnuQm5aHLHE7PSi2Eqid6uGwsx7RTA00pBbGF7b5LZhwO-LVnQvuF53P9zXQpzG1LFN0lBl-1tb7gj3saWyZf0LRkLyH2z40V8DDI0TDwJWBjN4EbeCZXZoB5KxMZzwuai3KE9i9pkmOPNmI4BVjvrFkPl3d6LZSXcbJwbFaXwNO8jGd81C4i20-CQYOCK9UIYzHI-ah7qC6uaC9JxrPtYVSl1TRSt8B1-g0DVQv_g9CrXt0NpxavkFJU6CXBBnuY5fBocdUBqPrO2srCdXXTo13AJi08ZhYlrpl7vy5GW1vTaA3TUiNTjqZX6ZhAtNg5TpA_6g0ot0aHAihbYPDH-D9xM--KGeeQmlJfPKHax32A-jBmhmSeDW0e_xnnO-O7Sfj7u0uLw1Tjosjji0eU3vrPn9J60LB4gyzqYessLQAYFYzSPC6xPa7DBFgcZ_iYSg2v6m5KzqIYWjdSPIkzU7Nb2j4GzYXt21_1axsrNwwYE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 54ms
54ms Image
image/gif 104.85.1.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=6&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fs0.2mdn.net%2F11581985%2F1642030774101%2Findex.html&i=GOODWAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Fd%2BHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-axhMBihjE1CFgA%3D%3D&sc=1&os=1-JA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations%2F&id=1&ii=4&f=0&j=&t=1645640799574&de=753323461406&cu=1645640799574&m=620&ar=944fd8091a1-clean&iw=74ec1ce&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3671&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=55&vx=55%3A-%3A-&pe=1%3A406%3A406%3A1449%3A383&as=0&ag=27&an=0&gf=0&gg=0&ix=0&ic=0&ez=1&aj=1&pg=55&pf=0&ib=1&cc=0&bw=27&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=53&cd=0&ah=53&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=11581985%3A27087047%3A518143862%3A164679749&bo=7628188&bd=326145738&gw=goodway341003946512&zMoatOrigSlicer1=7628188&zMoatOrigSlicer2=326145738&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&ti=0&ih=1&jm=-1&tc=0&fs=196859&na=895317022&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.1.154 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-1-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:40 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 23 Feb 2022 18:26:40 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EE00 0
20 B 134ms
133ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BEaEcXnwWYv_zL8nH7_UPpqqQgAEAAAAAOAHgBAI&bg=!oaKloubNAAbf-5Dq3_s7ACkAdvg8WtTs5z36Gvzvc0oC5UlBWhOnh2hR3hFutU_HmNLaQylMWeBFgwIAAAK6UgAAAAJoAQeZAu2Unh87edfjygspqVfwi-obkdRqM2QfAiuanWbtrVHP_C8QOfQ1lA9dVFRDs2ICU3ilirpVAjUEcfgof3H7jRW4C9omxpb1tHnDhYTo9VZ_avp0hcvHv8mwNWq_DtzFojQxEYwCRX9xNh4rJk8Wfo-BN4kIL0wODmFEcSujcrqkufBUSBayW2AItJtb79iK3cnz9pXZqckGiWbqBXAsqnyTcV_TVvYEW6xwmB2XtGudRe058YI2eFwKuf0bNcRLS7_pXvE0fzCW9XiORqIchcrY7bH64ktyJf6DKqyknDUiS2YmLpzu9t1hqxjNmv8RwNZOhlNfHZuRBfdUvdb9t0Fq0Sie3BMrH3TgU8rmEn3tL0CG8YnwkDxGp5Zh9UALW4UTAXcPTPK5VMI8tcSR4QH0owmFWmc5FZfDcTECFW7B7TWnwwQIrozy0NkVjkldLfNnseI_8HZy6Us_NsWfHQp88OA0DVGAi_BiyL_NjWJ8ipKRVhfOzrQbEWDo5E0TBxOYUymjcqcN8XAwPkNMF2IJ0kLOId7WceMV4v5RTW1tXfVnLbTvxJsdPZEs1aNE7AgsqQVmaJoekxwo1OBjOw1lf0L9QhFObB9VqhEh-okG9Ildb2BfQGcsUPMop4dFpq8VHvXgfrGaqvJs3iuU9MQb_Q26ByO8OZtn-8qHTtNMhHzR8DtcDkd4ZK7EOvB8K3JY2MhqXXOV63YWaJN38zQFUkqd8C2gl0EZdXJp7haKTgsCZXiEuTVs9g75lWDWM4JLn-mIfqBWqnJCGqfyrci4vJ93F_lx2Ir6XcMQkpUCv0Fqp5UmCjPI8OHsLVlf2TqCF-g_qfTiorqN7J_HOc8oRfQ9Kqm1mCdLWdNqMTMyDJxnTqhG1k9dPqVbyabSLx7kxJl4uNhVJLx8B_70jKto2PQSjJNIbrSQnbc2lW-2b8T0v_ZoSZrNaa837-4RhdK89vCt5qn5ONxPhBR9m8fYDL4sQ3b0lolgJvQPBg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FD27 0
20 B 127ms
127ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BHRr1XnwWYrb1L7rK7_UP_YC50AQAAAAAOAHgBAI&bg=!LyylLGjNAAbf-5Dq3_s7ACkAdvg8Wt-9NrklMm94V6Fy58WtLU1jZqhstkv5JZW3pXsJCbj6GLl8uwIAAALfUgAAAAdoAQcKAGGucJ5vpGz7ARREQIE9c6A4mH2Ah-7W-TkkGGJrB8yQCCDJViJbbDFftP2pptU8G4jX_Hp3YskL8Ay_5aMej98wFPDaGLV4EVRp2hv9zBkc-D_b1B9bAlTc9I7dTrqOeA77mQLRrjhHaKZMYdd2fltLsNLw6mhJX7ScITIlX4iMkArcCPGXX6wm74nntI1CFbpAIeSzGegGLJkWVGU_FVRS42vjl1pJTlPGmaZEjvnbyYhxQyRxHms80brjAPxq-QLchZfihIEPP8xlzDbshTKJ94i9CtuealV1cI-mF2awwT2itWBpDtrlp14EA25JzQB4Pky_BHmg4HyqZITRsX9DeL5-LJLsFzTneeMO0I7qNT0dmb-N59svB7cKBmForQnI03gZM1cu-pmDcvGzBMCwp0okQv6gTy1zDwED9_fJ3WAy7SaZHHuYBizoDeQGuiF2A9ds8LT48PLw5ihIHIWPCJRgJJPX-OIOlMzEOvFFJ2o9TrlThiGTC8V7XFGH-T6vrXNr5KGj-KiERFAE4micXSCzORN7wWb_HlB-GS6SUowOtIHX5kEftGVMaOajvWf_9JjeEM0GIL1exPyCoakhAvLoBzaKYMEDKZ_j6vl_CShHLGKOrSk4Aej7C8_mha26kjXrVE9jKG1095xouoXmTJWAxkk1QVSX9jCmadYeIHaZsutils6rG167Y2Rw0HuNZ1ExIPoXZu5OYU977_fe3rDVTLeVFmkWrbMe0p52NSDzgczqgEKL18WNkz6hfMwnuacWU32NfI_zqilu3jXABeDATcCZ7OLjx3itVb3IdeOHiIkSMd-Mf78Elc5mh65Fz7N1lxMpMVVI1wHm6u275E5DcI3Mk3hAL73He9KHyuq-raGxZ-Hxw4rr1V7maucUoVvgjOBQpt78rT_NE2dzRdEfZ5SxURvBQ7jfFJ4nBDdFIrBlqFqeWexSkTlycvHvgh5u1Y15h-niwFYbmbzazKdy7fkbnHO4BdKRcJGwvYBhfiL_uSXc5ps5uKKr9B-zDk-NbO-IlJugoCBvnbQ8Vko11lGkcmyJZUTMgk4oCRoudr9R7JW2tJoiFH_kE3uVr_31rQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Hujgl23SVzI3rZSj4hNxUITd7BayDnfI5D3l6J-e8FI.js Show response
pagead2.googlesyndication.com/bg/ Frame 8087 35 KB
13 KB 98ms
97ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Hujgl23SVzI3rZSj4hNxUITd7BayDnfI5D3l6J-e8FI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ee8e0976dd2573237ad94a3e213715084ddec16b20e77c8e43de5e89f9ef052

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 14:01:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15937
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13646
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Feb 2023 14:01:03 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 73ms
71ms Image
image/gif 104.85.1.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=REDVENTURES_GAM_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22383746382&bd=undefined&zMoatNotCnet=true&zMoatPT=Not%20Specified&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=Not%20Specified&zMoatPTATSECT=content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&vb=6&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1645640800311&de=743585533397&m=0&ar=64537839394-clean&iw=38967c59&q=29&cb=0&ym=0&cu=1645640800311&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5009920773%3A2848205265%3A5677026463%3A138355023537&zMoatW=300&zMoatH=250&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations%2F&id=1&ii=4&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22383746382&dfp=0%2C1&la=22383746382&gw=redventuresgamdisplay60805146916&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A406%3A406%3A1449%3A383&iq=na&tt=na&tu=&tp=&jk=-1&jm=-1&fs=197205&na=1502913126&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.1.154 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-1-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:40 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 23 Feb 2022 18:26:40 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame E374 0
23 B 114ms
114ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvaXgRIXCi7U3cpJDzwpOPZ1h1fkWuMJFcm2fvvmG3rVOZwfWZcQdlZpSAVf-lvDDhJHQ7b3Z92tsBHB7115nQOAJ_j_v3-PSA5WuiKm_eHY3oSaRTJ5N9pVqDJ-RW1vVe9bqCWUyMhti7KsvexDrlFbaRjDHNVrmkLEta0R0CUyMCamRyO3p6ri73l7U7zjKhOGHwU2g3djfxADAzmea0_nS1Im7BxSINWJCV_O5mJNZl09D1VrdQCaf2c93_QQw_iq0xpxUvhwToCvbVgTNcEn8BjCZy1oz2Omc8EJXv3Hvt5e72YOYSOJntxH-jjJfmkRJh3uFhUPOspo51hu6VkgGBRkdsB2YNI7tX62fbmS7wpV0_dl4KUBIrr6226NeZZHdQ5Z1eFO7hXCTVYV0v2Ur7gx-EyHuV77Wbdxnaw-bfyVGiCTZzoEoMRqPBTcdCvdWUNUXCY4J7WweM_VzjYMD6T43JGXdVoPkwSocL7irgKvXpluZxcBO-W8sGkcTSjTrVlPg_IO98HD88YfPZ-xZ2fUyJ9nCNEf0QqhYJdi8idc8KQ5DNgW3zOV7xLB5byHkhYBwpLFHnVG5gs_TufQDlGIuclOUHS5Va2YUPf27EwX8yAsffWresX8nsIewLLyS89-AtfnNqEDUJBdhetatq9ec-yV3L8kKHyVJVKoxNrXU207S88ug4pTm6CqXUgE4H4-R_16m91q78GCRYEL20SSfL4LF99ANyz0_EL4FdzHnPtjq2WkRsBzEtia0-6PDuqCn9ysO9_i7JJdkcZMbdWla87mPj1PFWFApWQhX0x47JGs9MHIYAxser8uxb3n_TSOZDr1CcUeHKPsJjXttIYmSrxsJWrWpJC4gkrICXAjeNqO0mFlu3Q70VkHs7r_kSbfSPucBFgnzgU68OBbnmrYgxqM2gm-1HXSHiH1OSV_ZQtWRJculAjU3QuqKPO3kBxRk6-vVKMczswr2QWAsDaSkQqIiq3uOoX7y3yE38mmnjvJbtDCSXaQeAjo2hfY5gf5xOYqzLTEttc10MCyC38EMafuGXDgrVBsB5I7Hzw3q2RtEb8vMIJkZxYSSfHDNNki01y7Xn0wOngrQm_9yOtnpDQcL6ZM2NkR2YDObmNfOhnNc5YcphLAUYNJvQjRbaCNIQnOslfZdRLcEqxxjAuWPk&sai=AMfl-YRvL88tLt18yfBhsR2ScFfKegDgzUB935YFzOGcKdGRm0So5ouPmiitSgpzXqwVqlyh-v2MSMdYsH6ymksd6SVoQR5SIBQ5v__zD65wvxL_KivsN4LOYc0o9ocyfRDAu5lsihBbRtLkFBJfYXj_MK5jA6CzVvoQ4qPj2bc&sig=Cg0ArKJSzFV_dVIL1fjlEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=766&vt=11&dtpt=544&dett=3&cstd=219&cisv=r20220217.21947&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://01847585da75c10ab0b5882f9e077fa2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 23 Feb 2022 18:26:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 63ms
62ms Image
image/gif 104.107.161.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=197&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=5009920773&L2id=2848205265&L3id=5677026463&L4id=138355023537&S1id=22308610192&S2id=22383746382&ord=1645640800311&r=743585533397&t=hdn&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=&zMoatCURL=zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations&zMoatPS=&zMoatPT=&zMoatSL=&moatClientSlicer3=0&m_ltype=direct&bedc=1&q=3&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.107.161.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-107-161-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:40 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 23 Feb 2022 18:26:40 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 54ms
54ms Image
image/gif 104.85.1.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22383746382&bd=undefined&zMoatNotCnet=true&zMoatPT=Not%20Specified&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=Not%20Specified&zMoatPTATSECT=content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&vb=6&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F16181266791146063110&i=REDVENTURES_GAM_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Fd%2BHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-axhMBihjE1CFgA%3D%3D&sc=1&os=1-JA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations%2F&id=1&ii=4&f=0&j=&t=1645640800311&de=743585533397&cu=1645640800311&m=16&ar=64537839394-clean&iw=38967c59&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3631&le=1&lf=0&lg=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A406%3A406%3A1449%3A383&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=6&cd=0&ah=6&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5009920773%3A2848205265%3A5677026463%3A138355023537&gw=redventuresgamdisplay60805146916&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22383746382&dfp=0%2C1&la=22383746382&zMoatW=300&zMoatH=250&zMoatMMV_MAX=na&zMoatSlotId=mpu-bottom&zMoatCURL=zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations&zMoatDev=Desktop&zMoatDfpSlotId=mpu-bottom&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&jk=2&jm=-1&tz=mpu-bottom&iq=na&tt=na&tu=&tp=&tc=0&fs=197205&na=2086826274&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.1.154 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-1-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:40 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 23 Feb 2022 18:26:40 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C5D4 17 KB
6 KB 88ms
88ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 18:26:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 23 Feb 2022 18:26:40 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 324D 13 KB
5 KB 67ms
46ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Feb 2022 18:26:09 GMT
expires: Thu, 23 Feb 2023 18:26:09 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 31
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 54C8 783 B
534 B 84ms
67ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a077f818dfd0e11e2c35548ec84b90b32641a285a61f363104fa5238d6affbe3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-oEOi8aIIqHKl7uOnq5zpMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 23 Feb 2022 18:26:40 GMT
date: Wed, 23 Feb 2022 18:26:40 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-oEOi8aIIqHKl7uOnq5zpMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8087 0
20 B 91ms
90ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Be6voX3wWYqXNIdXD7_UP7PmEyAwAAAAAOAHgBAI&bg=!vb6lvvrNAAbf-5Dq3_s7ACkAdvg8Wp5B-9tewlJldjOSXsjNH86qxQYfEj1cqXRDY8ORn8GqgbrCngIAAACYUgAAAAJoAQeZAyX1gvCoQppIVAM6PetmYUtuWeQOVFPkiCQwt--38mzEvRlskjAZJl7Wk_suoWqqRBbY_TgK1bJ9vi5ICAs1QQf89-9SoxWfsb2AkXqldwuROPm8dYkBjNo9E1GVcvGJ8N-fgRMz6VofoVFr7ut42p3FTN-4fTzIhn7c7n76HPpIOu4MXqKmEIg5O8d8Hf1tlWKVRb6esQRfvCEgUSNb1TT1Am8VKyMPKnNH1lUL6ClIMkWEeI9yk-97N2JbEfunnwWnv8r3qQxrRJiLznyYg-UmWF4nmNt1OSI2oOI3VbtzglaADlrr77bglG6g6Gx9mdKiqBQ6v-Ev5BBkVqGtryZChjsp_4ozvEo0IXkNBB1jSOmhvdEMYqLeanJpNPU-7M-fagTsLO0BgihKCVh8He2m1ZVdjYQbqq9pefv01lkARt_T6hn5dl0BHEK7WZyb7-TFq4V1CiJ3wZ7g_PvTJtC-QrPGTUaXOIsF99BL1A_WD-swFmwSBITOULGs4G8wBH0fheqEPZpqwXUH4nR9x6VsQuyJVnUzDPypfT67ksB334Bzbi8tzw9LWN8sL2XEfaj6hdTNplu7I55X4oa7bAPtPPSKsZ_VI8AF-EQcyfSuU6UufOdhLe9o3c5jnj9N8kulU74VmpmQQxR1xJuBEl1LSAhrLEPtZyMmn_s1Y4Kd747eQXDw0aHC34T4gPmM_06oAbh3g7mCTB0DS6Awa_KUCT2TEUXLPNgXEZN8l6BmP_Fa67zruph86zCQtfl6uvO-8NWb3oGgWw7CJB_eBfOb7JPEt_Fl_S7QZOXJQp6qOp8ZLEtqJ7d12dG_T-ZVVbhHmkqt7ai4pItpbcIqjOonqj_IG4G4GEyGfuwcUGCrnzlanvNdXhvj6hAvPgkqi9P0xAeRG_9BoTFkaTMpoHpDKoeUmEscFuApxIVEOHUFd_Jbn9Fk544hK_xOKB19ZBoZatyAx_rec-k0OGBdTnodUqlkiVA7bWXuVJ0ruMHHkrnBCDLzoIEktXyrkB_F5PcSzdjqOQnIITQ4pnsVwl7ND0Rw3_QrfvngJNTiPm6be-WpmV9c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Hujgl23SVzI3rZSj4hNxUITd7BayDnfI5D3l6J-e8FI.js Show response
pagead2.googlesyndication.com/bg/ Frame 324D 35 KB
13 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Hujgl23SVzI3rZSj4hNxUITd7BayDnfI5D3l6J-e8FI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ee8e0976dd2573237ad94a3e213715084ddec16b20e77c8e43de5e89f9ef052

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 14:01:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15937
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13646
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Feb 2023 14:01:03 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 54C8 0
0 154ms
153ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022021701&jk=567009674538603&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET generate_204
tpc.googlesyndication.com/ Frame 324D 0
0

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 49ms
47ms Image
image/gif 104.85.1.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&zMoatAdUnit1=aw-zdnet&zMoatAdUnit2=technology&zMoatAdUnit3=security&wf=1&ra=3&sgs=3&vb=6&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=REDVENTURES_GAM_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Fd%2BHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-axhMBihjE1CFgA%3D%3D&sc=1&os=1-JA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&zMoatpos=nav&zMoatvguid=-&zMoatptype=-&zMoatsl=nav-ad-plus-leader%3FT-1000&g=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&rm=1&fy=436&gp=5&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations%2F&id=1&ii=4&f=0&j=&t=1645640798472&de=54227829076&rx=152868440540&cu=1645640798472&m=2486&ar=64537839394-clean&iw=2e8829d&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=5&lb=3601&le=1&lf=239&lg=1&lh=10&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A406%3A406%3A1449%3A383&as=1&ag=1175&an=13&gi=1&gf=1175&gg=13&ix=1175&ic=1175&ez=1&ck=1175&kw=976&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1175&bx=13&ci=1175&jz=976&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=976&cd=25&ah=976&am=25&xd=00&rf=0&re=1&ft=745&fv=0&fw=745&wb=1&cl=0&at=0&d=5024496911%3A2870786075%3A5718138840%3A138352803033&bo=aw-zdnet&bd=security&gw=redventuresgamheader644747280705&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&zMoatAType=content_article&zMoatTest=zdnet&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&jk=4&jm=-1&tc=0&fs=197205&na=438578250&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.1.154 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-1-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:40 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 23 Feb 2022 18:26:40 GMT

GET
H2 200 pixel.gif
redventuresgamheader644747280705.s.moatpixel.com/ 43 B
260 B 49ms
48ms Image
image/gif 104.107.161.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamheader644747280705.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=976&tet=1175&fi=1&apd=1187&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=5024496911&L2id=2870786075&L3id=5718138840&L4id=138352803033&S1id=aw-zdnet&S2id=security&ord=1645640798472&r=54227829076&t=iv&os=1&fi2=0&div1=1&ait=745&gpt_target_pos=nav&gpt_target_vguid=-&gpt_target_ptype=-&gpt_target_sl=nav-ad-plus-leader%3FT-1000&fullAdUnitPath=%2F22309610186%2Faw-zdnet%2Ftechnology%2Fsecurity&bedc=1&q=5&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.107.161.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-107-161-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:40 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 23 Feb 2022 18:26:40 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C5D4 0
20 B 114ms
113ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022021701&jk=567009674538603&bg=!d3SldDDNAAbf-5Dq3_s7ACkAdvg8WkrlUba_TfgTWWGh7exWKvOZOFUNg3H37qsyFiPNSQJTEI2G9AIAAAB6UgAAAANoAQcKAMVm0HToAeCalW5Dr9BC71DAvj1Xsg6TO4mSLRRN4CY4sifT4C0EL9i4MQPrSR8eMkBdP6TiF6NQLk0DUmhDg7HXRXnYWc0y2qdecPM2XrWGRNRe3c1NBQWQ3gnAhHmbszkNU6C4k4XriuAeIYXQ-5z8xvaIwLxA4UQpLmfxXHrz1bFU9KPDtovz4wc4kZhKaqU05zGNC-rQEFyMNofdLAdao9UvR8D3Gl2Nf8d9ZKsm3tiNXwfR7H9qpgQILsTrjwxx5gh84ZkCzHwqbX7gy4fhg2zPlrkIDfTGZDdscYH6rc0EYGr-RcBlC01jvnwTC8IZPSgLFkTXBZNVKpMATZ9CfLwTo7RyAuwuRZvUUl5SJKsxcWLBHbs4R4zVC7J-tvVo8RHyVa_Kpyb3iR4i1f6mJDQ8elrFKk6R_vIVjSj8UkVFTaMgkFoL3EqWk58C_82chE0rOCb0giqrft8WKhpNVNAcjf3wlgPXO1z-xl4K4uLT666bctiEdmz3ya9BLQtoECsniBrG5g6RwA3qYrY8Bgdh6bOb7bfmP44Lb5MQAVZMxBwpczyRB2NRdwf0h-MTHWsAyR7U5pK2QC9mcofUhdso2a5G9eDH8aHViHQ_0jseNfMIcqe1RsLDwEHeptKAJtml0VArnnl5quKDQM1OaQAWxhXDlrauDTGXTfhIt4-KRUNOXBXbkDjf03wjC9dzQtxV8MQQWFG4xIBov3gkrpEoprHfo0cHNEq0aQ9TrDSO1rK34mJ0l8mEIW_DOUQTKvci8LF-wmNVsTqUKDqKYlGFSyDxEpUz0hfL-2A8xB6MeAEdjvnUpNuaQ6xleflFHpD0kbQHoz7ULh4eY5Y7QYnio5PHNCfl8o02Dc0B5cJFh5ZydoNKAnsGlAF3UzQwqaaOi9b2UwSoYBZ6_CWY-a7456qBB9SgYiAbempS-gynQ1TQghNkOpuJOoG-_VlVWKBZPMdJZnFU_H5Wcz-q_uJ2UKRNVH9_Zt8BmY-5g9ZDkX2hyFylXsnfnsyA2H8Dxb1KReL0BnzEGBtpNMusnqWWMxg6T28Ok3M73b0H3TrPwfeOrZwuwouIA02jbKQ37pVQcJRQ5BmtWquP7xQn2RL2gqoJBPqnQAKNHg8Oef-MpWhh6DAOqtgNUjpwWJULEL4vfk4muzLq6QAlg4D-uUaO763NuYCDRUKMtuYB_p6Zy8Y9LDbYpY4FKlCmw4aBELy0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 54ms
53ms Image
image/gif 104.107.161.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=981&tet=1132&fi=1&apd=1182&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=5119226536&L2id=2971103685&L3id=5893577926&L4id=138379103758&S1id=22308610192&S2id=22654085702&ord=1645640799349&r=699476313125&t=iv&os=1&fi2=0&div1=1&ait=734&zMoatVGUID=8f142a81-aa57-46b5-a511-4b5255ba16a8&zMoatCURL=zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations&zMoatPS=top&zMoatPT=article&zMoatSL=mpu-plus-top%3FLL%7CT-1000&moatClientSlicer3=0&m_ltype=direct&bedc=1&q=5&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.107.161.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-107-161-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 23 Feb 2022 18:26:41 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 54ms
54ms Image
image/gif 104.85.1.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&zMoatAdUnit1=aw-zdnet&zMoatAdUnit2=technology&zMoatAdUnit3=security&wf=1&ra=3&sgs=3&vb=6&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=REDVENTURES_GAM_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Fd%2BHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-axhMBihjE1CFgA%3D%3D&sc=1&os=1-JA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&zMoatpos=nav&zMoatvguid=-&zMoatptype=-&zMoatsl=nav-ad-plus-leader%3FT-1000&g=2&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&rm=1&fy=436&gp=5&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations%2F&id=1&ii=4&f=0&j=&t=1645640798472&de=54227829076&rx=152868440540&cu=1645640798472&m=2487&ar=64537839394-clean&iw=2e8829d&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=5&lb=3601&le=1&lf=239&lg=1&lh=10&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A406%3A406%3A1449%3A383&as=1&ag=1175&an=1175&gi=1&gf=1175&gg=1175&ix=1175&ic=1175&ez=1&ck=1175&kw=976&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1175&bx=1175&ci=1175&jz=976&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=976&cd=976&ah=976&am=976&xd=00&rf=0&re=1&ft=745&fv=745&fw=745&wb=1&cl=0&at=0&d=5024496911%3A2870786075%3A5718138840%3A138352803033&bo=aw-zdnet&bd=security&gw=redventuresgamheader644747280705&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&zMoatAType=content_article&zMoatTest=zdnet&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&jk=4&jm=-1&tc=0&fs=197205&na=787501567&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.1.154 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-1-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 23 Feb 2022 18:26:41 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 44ms
43ms Image
image/gif 104.85.1.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&zMoatAdUnit1=aw-zdnet&zMoatAdUnit2=technology&zMoatAdUnit3=security&wf=1&ra=3&sgs=3&vb=6&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=REDVENTURES_GAM_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Fd%2BHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-axhMBihjE1CFgA%3D%3D&sc=1&os=1-JA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&zMoatpos=nav&zMoatvguid=-&zMoatptype=-&zMoatsl=nav-ad-plus-leader%3FT-1000&g=3&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&rm=1&fy=436&gp=5&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations%2F&id=1&ii=4&f=0&j=&t=1645640798472&de=54227829076&rx=152868440540&cu=1645640798472&m=2487&ar=64537839394-clean&iw=2e8829d&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=5&lb=3601&le=1&lf=239&lg=1&lh=10&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A406%3A406%3A1449%3A383&as=1&ag=1175&an=1175&gi=1&gf=1175&gg=1175&ix=1175&ic=1175&ez=1&ck=1175&kw=976&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1175&bx=1175&ci=1175&jz=976&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=976&cd=976&ah=976&am=976&xd=00&rf=0&re=1&ft=745&fv=745&fw=745&wb=1&cl=0&at=0&d=5024496911%3A2870786075%3A5718138840%3A138352803033&bo=aw-zdnet&bd=security&gw=redventuresgamheader644747280705&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&zMoatAType=content_article&zMoatTest=zdnet&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&jk=4&jm=-1&tc=0&fs=197205&na=860084130&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.1.154 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-1-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 23 Feb 2022 18:26:41 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E374 42 B
64 B 87ms
87ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvcMZWXx9zcbuF6_ii6RH6dkTP27ZtRr4DgmHKh0H3X8v5e2WyrpmMUbNwoZsPdwoNZSSVziLhf6mf8jd-k2vDqM_ELlrnEo5w30M381FWbBXf6NmFyiA&sai=AMfl-YS6kwzA1l4TXQCt-MtlEFeE_HEy66vrj4mH88FiEe6Nhp7RLeco0rZAlymAjbt4Kbw9A1CkA-8NoD4AUth4gsDokmcKuAzNU1etc2fBLYnng2mUeQGHmmgA0ewOBY8&sig=Cg0ArKJSzJwP8ZdK1Mf2EAE&cid=CAASFeRouQg9RtjfHviHm45K0UzB7BA3yw&id=lidar2&mcvt=1001&p=5,436,95,1164&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220216&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3529097836&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1645640799235&rpt=787&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://01847585da75c10ab0b5882f9e077fa2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 25ms
25ms Image
image/gif 104.85.1.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22654085702&bd=undefined&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=top&zMoatSZPS=300x250%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&vb=6&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=REDVENTURES_GAM_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Fd%2BHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-axhMBihjE1CFgA%3D%3D&sc=1&os=1-JA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations%2F&id=1&ii=4&f=0&j=&t=1645640799349&de=699476313125&cu=1645640799349&m=1640&ar=64537839394-clean&iw=38967c59&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3601&le=1&lf=0&lg=1&lh=26&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A406%3A406%3A1449%3A383&as=1&ag=1132&an=50&gi=1&gf=1132&gg=50&ix=1132&ic=1132&ez=1&ck=1132&kw=981&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1132&bx=50&ci=1132&jz=981&dj=1&aa=0&ad=971&cn=0&gk=971&gl=0&ik=971&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=981&cd=100&ah=981&am=100&xd=00&rf=0&re=1&ft=734&fv=0&fw=734&wb=1&cl=0&at=0&d=5119226536%3A2971103685%3A5893577926%3A138379103758&gw=redventuresgamdisplay60805146916&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22654085702&dfp=0%2C1&la=22654085702&zMoatW=300&zMoatH=250&zMoatVGUID=8f142a81-aa57-46b5-a511-4b5255ba16a8&zMoatSN=a&zMoatSL=mpu-plus-top%3FLL%7CT-1000&zMoatMMV=waiting&zMoatMMV_MAX=waiting&zMoatMGV=waiting&zMoatMSafety=waiting&zMoatMData=waiting&zMoatSlotId=mpu-plus-top&zMoatCURL=zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations&zMoatDev=Desktop&zMoatDfpSlotId=mpu-plus-top&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jk=4&jm=-1&tz=mpu-plus-top&iq=waiting&tt=waiting&tu=waiting&tp=waiting&tc=0&fs=197205&na=1449318015&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.1.154 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-1-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 23 Feb 2022 18:26:41 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 31ms
29ms Image
image/gif 104.85.1.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22654085702&bd=undefined&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=top&zMoatSZPS=300x250%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&vb=6&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=REDVENTURES_GAM_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Fd%2BHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-axhMBihjE1CFgA%3D%3D&sc=1&os=1-JA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations%2F&id=1&ii=4&f=0&j=&t=1645640799349&de=699476313125&cu=1645640799349&m=1642&ar=64537839394-clean&iw=38967c59&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3601&le=1&lf=0&lg=1&lh=26&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A406%3A406%3A1449%3A383&as=1&ag=1132&an=1132&gi=1&gf=1132&gg=1132&ix=1132&ic=1132&ez=1&ck=1132&kw=981&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1132&bx=1132&ci=1132&jz=981&dj=1&aa=0&ad=971&cn=971&gk=971&gl=971&ik=971&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=981&cd=981&ah=981&am=981&xd=00&rf=0&re=1&ft=734&fv=734&fw=734&wb=1&cl=0&at=0&d=5119226536%3A2971103685%3A5893577926%3A138379103758&gw=redventuresgamdisplay60805146916&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22654085702&dfp=0%2C1&la=22654085702&zMoatW=300&zMoatH=250&zMoatVGUID=8f142a81-aa57-46b5-a511-4b5255ba16a8&zMoatSN=a&zMoatSL=mpu-plus-top%3FLL%7CT-1000&zMoatMMV=waiting&zMoatMMV_MAX=waiting&zMoatMGV=waiting&zMoatMSafety=waiting&zMoatMData=waiting&zMoatSlotId=mpu-plus-top&zMoatCURL=zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations&zMoatDev=Desktop&zMoatDfpSlotId=mpu-plus-top&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jk=4&jm=-1&tz=mpu-plus-top&iq=waiting&tt=waiting&tu=waiting&tp=waiting&tc=0&fs=197205&na=188702597&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.1.154 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-1-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 23 Feb 2022 18:26:41 GMT

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 33ms
33ms Image
image/gif 104.107.161.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=874&tet=1056&fi=0&apd=1075&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=5119226536&L2id=2971103685&L3id=5893577926&L4id=138379103758&S1id=22308610192&S2id=22654085702&ord=1645640799466&r=502470418992&t=iv&os=1&fi2=0&div1=0&ait=928&zMoatVGUID=8f142a81-aa57-46b5-a511-4b5255ba16a8&zMoatCURL=zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations&zMoatPS=middle&zMoatPT=article&zMoatSL=mpu-middle%3FLL%7CT-1000&moatClientSlicer3=0&m_ltype=direct&bedc=1&q=4&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.107.161.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-107-161-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 23 Feb 2022 18:26:41 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2D9F 42 B
64 B 74ms
74ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsswoTNG2U9ZhLdfMVrdMTl7VQze_42-c4zNiIg2EIjTAP4ljuOPmG1iMpMted56_-o7YJ2KtThnW8rdrVORbfd0dAPrGc7cCjvYkVEhwdXJJHi3UGaMxBG1atgz4mdeEPzt9Q6h6QoA50ALlxPBLY7YOx6-TCs3NvjB26-4m1mk&sig=Cg0ArKJSzP2LTlazCT-eEAE&id=lidar2&mcvt=1005&p=1063,1050,1313,1350&mtos=0,0,1005,1005,1005&tos=0,0,1005,0,0&v=20220216&bin=7&avms=nio&bs=1600,1200&mc=0.55&app=0&itpl=19&adk=3640736402&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1645640799263&rpt=845&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F1EF 42 B
64 B 74ms
74ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstrRK-a3YN8PSoqYFrJ62z9pG3gGAfsIMHoogiyuQdcyrN9H6MVvmgtqBTSsnkuOhhKjB0ZVdaALzyb9CXDRiN6VizZsDf0YZ7TTy8PPh4bOOEz4uuR3smdi4kPkxbZJfaVAU1NYD24lQSlj__oMxnC3EkAEWDnHL884EJB9Hfy&sig=Cg0ArKJSzIUN179iejOAEAE&id=lidar2&mcvt=1006&p=451,1050,701,1350&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20220216&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=1139850431&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1645640799200&rpt=891&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 27ms
27ms Image
image/gif 104.85.1.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22654085702&bd=undefined&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=top&zMoatSZPS=300x250%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&vb=6&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=REDVENTURES_GAM_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Fd%2BHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-axhMBihjE1CFgA%3D%3D&sc=1&os=1-JA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=3&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations%2F&id=1&ii=4&f=0&j=&t=1645640799349&de=699476313125&cu=1645640799349&m=1643&ar=64537839394-clean&iw=38967c59&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3601&le=1&lf=0&lg=1&lh=26&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A406%3A406%3A1449%3A383&as=1&ag=1132&an=1132&gi=1&gf=1132&gg=1132&ix=1132&ic=1132&ez=1&ck=1132&kw=981&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1132&bx=1132&ci=1132&jz=981&dj=1&aa=0&ad=971&cn=971&gk=971&gl=971&ik=971&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=981&cd=981&ah=981&am=981&xd=00&rf=0&re=1&ft=734&fv=734&fw=734&wb=1&cl=0&at=0&d=5119226536%3A2971103685%3A5893577926%3A138379103758&gw=redventuresgamdisplay60805146916&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22654085702&dfp=0%2C1&la=22654085702&zMoatW=300&zMoatH=250&zMoatVGUID=8f142a81-aa57-46b5-a511-4b5255ba16a8&zMoatSN=a&zMoatSL=mpu-plus-top%3FLL%7CT-1000&zMoatMMV=waiting&zMoatMMV_MAX=waiting&zMoatMGV=waiting&zMoatMSafety=waiting&zMoatMData=waiting&zMoatSlotId=mpu-plus-top&zMoatCURL=zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations&zMoatDev=Desktop&zMoatDfpSlotId=mpu-plus-top&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jk=4&jm=-1&tz=mpu-plus-top&iq=waiting&tt=waiting&tu=waiting&tp=waiting&tc=0&fs=197205&na=749871011&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.1.154 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-1-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 23 Feb 2022 18:26:41 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 24ms
24ms Image
image/gif 104.85.1.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22654085702&bd=undefined&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=middle&zMoatSZPS=300x250%20%7C%20middle&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&vb=6&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=REDVENTURES_GAM_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Fd%2BHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-axhMBihjE1CFgA%3D%3D&sc=1&os=1-JA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations%2F&id=1&ii=4&f=0&j=&t=1645640799466&de=502470418992&cu=1645640799466&m=1692&ar=64537839394-clean&iw=38967c59&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3601&le=1&lf=0&lg=1&lh=18&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=55&vx=55%3A55%3A-&pe=1%3A406%3A406%3A1449%3A383&as=1&ag=1056&an=19&gf=0&gg=0&ix=0&ic=0&ez=1&ck=1056&kw=874&aj=1&pg=55&pf=55&ib=1&cc=1&bw=1056&bx=19&ci=1056&jz=874&dj=1&aa=0&ad=928&cn=0&gk=0&gl=0&ik=0&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=874&cd=38&ah=874&am=38&xd=00&rf=0&re=1&ft=928&fv=0&fw=928&wb=1&cl=0&at=0&d=5119226536%3A2971103685%3A5893577926%3A138379103758&gw=redventuresgamdisplay60805146916&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22654085702&dfp=0%2C1&la=22654085702&zMoatW=300&zMoatH=250&zMoatVGUID=8f142a81-aa57-46b5-a511-4b5255ba16a8&zMoatSN=a&zMoatSL=mpu-middle%3FLL%7CT-1000&zMoatMMV=waiting&zMoatMMV_MAX=waiting&zMoatMGV=waiting&zMoatMSafety=waiting&zMoatMData=waiting&zMoatSlotId=mpu-middle&zMoatCURL=zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations&zMoatDev=Desktop&zMoatDfpSlotId=mpu-middle&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&ti=0&ih=1&jk=3&jm=-1&tz=mpu-middle&iq=waiting&tt=waiting&tu=waiting&tp=waiting&tc=0&fs=197205&na=757746256&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.1.154 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-1-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 23 Feb 2022 18:26:41 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 18ms
18ms Image
image/gif 104.85.1.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22654085702&bd=undefined&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=top&zMoatSZPS=300x250%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&vb=6&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=REDVENTURES_GAM_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Fd%2BHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-axhMBihjE1CFgA%3D%3D&sc=1&os=1-JA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=4&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations%2F&id=1&ii=4&f=0&j=&t=1645640799349&de=699476313125&cu=1645640799349&m=1846&ar=64537839394-clean&iw=38967c59&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3601&le=1&lf=0&lg=1&lh=26&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A406%3A406%3A1449%3A383&as=1&ag=1338&an=1132&gi=1&gf=1338&gg=1132&ix=1338&ic=1338&ez=1&ck=1132&kw=981&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1338&bx=1132&ci=1132&jz=981&dj=1&aa=1&ad=1177&cn=971&gn=1&gk=1177&gl=971&ik=1177&co=1177&cp=1182&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1182&cd=981&ah=1182&am=981&xd=00&rf=0&re=1&ft=940&fv=734&fw=734&wb=1&cl=0&at=0&d=5119226536%3A2971103685%3A5893577926%3A138379103758&gw=redventuresgamdisplay60805146916&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22654085702&dfp=0%2C1&la=22654085702&zMoatW=300&zMoatH=250&zMoatVGUID=8f142a81-aa57-46b5-a511-4b5255ba16a8&zMoatSN=a&zMoatSL=mpu-plus-top%3FLL%7CT-1000&zMoatMMV=waiting&zMoatMMV_MAX=waiting&zMoatMGV=waiting&zMoatMSafety=waiting&zMoatMData=waiting&zMoatSlotId=mpu-plus-top&zMoatCURL=zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations&zMoatDev=Desktop&zMoatDfpSlotId=mpu-plus-top&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jk=5&jm=-1&tz=mpu-plus-top&iq=waiting&tt=waiting&tu=waiting&tp=waiting&tc=0&fs=197205&na=1621746546&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.1.154 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-1-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 23 Feb 2022 18:26:41 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
19ms Image
image/gif 104.85.1.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=6&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=GOODWAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Fd%2BHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-axhMBihjE1CFgA%3D%3D&sc=1&os=1-JA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations%2F&id=1&ii=4&f=0&j=&t=1645640799556&de=270077423827&cu=1645640799556&m=1643&ar=944fd8091a1-clean&iw=74ec1ce&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3601&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A406%3A406%3A1449%3A383&as=1&ag=1044&an=22&gi=1&gf=1044&gg=22&ix=1044&ic=1044&ez=1&ck=1044&kw=865&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1044&bx=22&ci=1044&jz=865&dj=1&aa=0&ad=921&cn=0&gk=921&gl=0&ik=921&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=865&cd=44&ah=865&am=44&xd=00&rf=0&re=1&ft=921&fv=0&fw=921&wb=1&cl=0&at=0&d=11581985%3A27087047%3A518143862%3A164679749&bo=7628188&bd=326145738&gw=goodway341003946512&zMoatOrigSlicer1=7628188&zMoatOrigSlicer2=326145738&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jm=-1&tc=0&fs=196859&na=1840334052&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.1.154 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-1-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 23 Feb 2022 18:26:41 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 18ms
17ms Image
image/gif 104.85.1.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=6&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=GOODWAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Fd%2BHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-axhMBihjE1CFgA%3D%3D&sc=1&os=1-JA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations%2F&id=1&ii=4&f=0&j=&t=1645640799556&de=270077423827&cu=1645640799556&m=1644&ar=944fd8091a1-clean&iw=74ec1ce&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3601&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A406%3A406%3A1449%3A383&as=1&ag=1044&an=1044&gi=1&gf=1044&gg=1044&ix=1044&ic=1044&ez=1&ck=1044&kw=865&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1044&bx=1044&ci=1044&jz=865&dj=1&aa=0&ad=921&cn=921&gk=921&gl=921&ik=921&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=865&cd=865&ah=865&am=865&xd=00&rf=0&re=1&ft=921&fv=921&fw=921&wb=1&cl=0&at=0&d=11581985%3A27087047%3A518143862%3A164679749&bo=7628188&bd=326145738&gw=goodway341003946512&zMoatOrigSlicer1=7628188&zMoatOrigSlicer2=326145738&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jm=-1&tc=0&fs=196859&na=992079940&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.1.154 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-1-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 23 Feb 2022 18:26:41 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 18ms
18ms Image
image/gif 104.85.1.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=6&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=GOODWAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Fd%2BHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-axhMBihjE1CFgA%3D%3D&sc=1&os=1-JA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=3&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations%2F&id=1&ii=4&f=0&j=&t=1645640799556&de=270077423827&cu=1645640799556&m=1645&ar=944fd8091a1-clean&iw=74ec1ce&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3601&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A406%3A406%3A1449%3A383&as=1&ag=1044&an=1044&gi=1&gf=1044&gg=1044&ix=1044&ic=1044&ez=1&ck=1044&kw=865&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1044&bx=1044&ci=1044&jz=865&dj=1&aa=0&ad=921&cn=921&gk=921&gl=921&ik=921&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=865&cd=865&ah=865&am=865&xd=00&rf=0&re=1&ft=921&fv=921&fw=921&wb=1&cl=0&at=0&d=11581985%3A27087047%3A518143862%3A164679749&bo=7628188&bd=326145738&gw=goodway341003946512&zMoatOrigSlicer1=7628188&zMoatOrigSlicer2=326145738&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jm=-1&tc=0&fs=196859&na=772612740&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.1.154 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-1-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 23 Feb 2022 18:26:41 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
18ms Image
image/gif 104.85.1.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=6&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=GOODWAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Fd%2BHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-axhMBihjE1CFgA%3D%3D&sc=1&os=1-JA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations%2F&id=1&ii=4&f=0&j=&t=1645640799574&de=753323461406&cu=1645640799574&m=1629&ar=944fd8091a1-clean&iw=74ec1ce&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3601&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=55&vx=55%3A55%3A-&pe=1%3A406%3A406%3A1449%3A383&as=1&ag=1043&an=27&gf=0&gg=0&ix=0&ic=0&ez=1&ck=1043&kw=866&aj=1&pg=55&pf=55&ib=1&cc=1&bw=1043&bx=27&ci=1043&jz=866&dj=1&aa=0&ad=919&cn=0&gk=0&gl=0&ik=0&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=866&cd=53&ah=866&am=53&xd=00&rf=0&re=1&ft=919&fv=0&fw=919&wb=1&cl=0&at=0&d=11581985%3A27087047%3A518143862%3A164679749&bo=7628188&bd=326145738&gw=goodway341003946512&zMoatOrigSlicer1=7628188&zMoatOrigSlicer2=326145738&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&ti=0&ih=1&jm=-1&tc=0&fs=196859&na=1982615224&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.1.154 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-1-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 23 Feb 2022 18:26:41 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 16ms
16ms Image
image/gif 104.85.1.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22654085702&bd=undefined&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=middle&zMoatSZPS=300x250%20%7C%20middle&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&vb=6&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=REDVENTURES_GAM_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Fd%2BHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-axhMBihjE1CFgA%3D%3D&sc=1&os=1-JA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations%2F&id=1&ii=4&f=0&j=&t=1645640799466&de=502470418992&cu=1645640799466&m=1895&ar=64537839394-clean&iw=38967c59&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3601&le=1&lf=0&lg=1&lh=18&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=55&vx=55%3A55%3A-&pe=1%3A406%3A406%3A1449%3A383&as=1&ag=1258&an=1056&gf=0&gg=0&ix=0&ic=0&ez=1&ck=1056&kw=874&aj=1&pg=55&pf=55&ib=1&cc=1&bw=1258&bx=1056&ci=1056&jz=874&dj=1&aa=1&ad=1130&cn=928&gk=0&gl=0&ik=0&co=1130&cp=1075&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1075&cd=874&ah=1075&am=874&xd=00&rf=0&re=1&ft=1130&fv=928&fw=928&wb=1&cl=0&at=0&d=5119226536%3A2971103685%3A5893577926%3A138379103758&gw=redventuresgamdisplay60805146916&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22654085702&dfp=0%2C1&la=22654085702&zMoatW=300&zMoatH=250&zMoatVGUID=8f142a81-aa57-46b5-a511-4b5255ba16a8&zMoatSN=a&zMoatSL=mpu-middle%3FLL%7CT-1000&zMoatMMV=waiting&zMoatMMV_MAX=waiting&zMoatMGV=waiting&zMoatMSafety=waiting&zMoatMData=waiting&zMoatSlotId=mpu-middle&zMoatCURL=zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations&zMoatDev=Desktop&zMoatDfpSlotId=mpu-middle&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&ti=0&ih=1&jk=4&jm=-1&tz=mpu-middle&iq=waiting&tt=waiting&tu=waiting&tp=waiting&tc=0&fs=197205&na=859909296&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.1.154 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-1-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 23 Feb 2022 18:26:41 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 17ms
16ms Image
image/gif 104.85.1.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=6&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=GOODWAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Fd%2BHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-axhMBihjE1CFgA%3D%3D&sc=1&os=1-JA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=4&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations%2F&id=1&ii=4&f=0&j=&t=1645640799556&de=270077423827&cu=1645640799556&m=1847&ar=944fd8091a1-clean&iw=74ec1ce&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3601&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A406%3A406%3A1449%3A383&as=1&ag=1248&an=1044&gi=1&gf=1248&gg=1044&ix=1248&ic=1248&ez=1&ck=1044&kw=865&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1248&bx=1044&ci=1044&jz=865&dj=1&aa=1&ad=1125&cn=921&gn=1&gk=1125&gl=921&ik=1125&co=1125&cp=1066&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1066&cd=865&ah=1066&am=865&xd=00&rf=0&re=1&ft=1125&fv=921&fw=921&wb=1&cl=0&at=0&d=11581985%3A27087047%3A518143862%3A164679749&bo=7628188&bd=326145738&gw=goodway341003946512&zMoatOrigSlicer1=7628188&zMoatOrigSlicer2=326145738&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jm=-1&tc=0&fs=196859&na=307255991&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.1.154 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-1-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 23 Feb 2022 18:26:41 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 15ms
15ms Image
image/gif 104.85.1.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=6&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=GOODWAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Fd%2BHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-axhMBihjE1CFgA%3D%3D&sc=1&os=1-JA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations%2F&id=1&ii=4&f=0&j=&t=1645640799574&de=753323461406&cu=1645640799574&m=1831&ar=944fd8091a1-clean&iw=74ec1ce&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3601&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=55&vx=55%3A55%3A-&pe=1%3A406%3A406%3A1449%3A383&as=1&ag=1246&an=1043&gf=0&gg=0&ix=0&ic=0&ez=1&ck=1043&kw=866&aj=1&pg=55&pf=55&ib=1&cc=1&bw=1246&bx=1043&ci=1043&jz=866&dj=1&aa=1&ad=1122&cn=919&gk=0&gl=0&ik=0&co=1122&cp=1069&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1069&cd=866&ah=1069&am=866&xd=00&rf=0&re=1&ft=1122&fv=919&fw=919&wb=1&cl=0&at=0&d=11581985%3A27087047%3A518143862%3A164679749&bo=7628188&bd=326145738&gw=goodway341003946512&zMoatOrigSlicer1=7628188&zMoatOrigSlicer2=326145738&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&ti=0&ih=1&jm=-1&tc=0&fs=196859&na=68255045&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.1.154 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-1-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 23 Feb 2022 18:26:41 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 16ms
15ms Image
image/gif 104.85.1.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&zMoatAdUnit1=aw-zdnet&zMoatAdUnit2=technology&zMoatAdUnit3=security&wf=1&ra=3&sgs=3&vb=6&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=REDVENTURES_GAM_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Fd%2BHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-axhMBihjE1CFgA%3D%3D&sc=1&os=1-JA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&zMoatpos=nav&zMoatvguid=-&zMoatptype=-&zMoatsl=nav-ad-plus-leader%3FT-1000&g=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&rm=1&fy=436&gp=5&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations%2F&id=1&ii=4&f=0&j=&t=1645640798472&de=54227829076&rx=152868440540&cu=1645640798472&m=6311&ar=64537839394-clean&iw=2e8829d&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=5&lb=3601&le=1&lf=239&lg=1&lh=10&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A406%3A406%3A1449%3A383&as=1&ag=5001&an=1175&gi=1&gf=5001&gg=1175&ix=5001&ic=5001&ez=1&ck=1175&kw=976&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5001&bx=1175&ci=1175&jz=976&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4812&cd=976&ah=4812&am=976&xd=00&rf=0&re=1&ft=4571&fv=745&fw=745&wb=2&cl=0&at=0&d=5024496911%3A2870786075%3A5718138840%3A138352803033&bo=aw-zdnet&bd=security&gw=redventuresgamheader644747280705&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&zMoatAType=content_article&zMoatTest=zdnet&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&jk=5&jm=-1&tc=0&fs=197205&na=1692615026&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.1.154 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-1-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:44 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 23 Feb 2022 18:26:44 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 16ms
16ms Image
image/gif 104.85.1.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22654085702&bd=undefined&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=top&zMoatSZPS=300x250%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&vb=6&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=REDVENTURES_GAM_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Fd%2BHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-axhMBihjE1CFgA%3D%3D&sc=1&os=1-JA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=5&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations%2F&id=1&ii=4&f=0&j=&t=1645640799349&de=699476313125&cu=1645640799349&m=5668&ar=64537839394-clean&iw=38967c59&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3601&le=1&lf=0&lg=1&lh=26&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A406%3A406%3A1449%3A383&as=1&ag=5160&an=1338&gi=1&gf=5160&gg=1338&ix=5160&ic=5160&ez=1&ck=1132&kw=981&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5160&bx=1338&ci=1132&jz=981&dj=1&aa=1&ad=4999&cn=1177&gn=1&gk=4999&gl=1177&ik=4999&co=1177&cp=1182&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5009&cd=1182&ah=5009&am=1182&xd=00&rf=0&re=1&ft=4762&fv=940&fw=734&wb=2&cl=0&at=0&d=5119226536%3A2971103685%3A5893577926%3A138379103758&gw=redventuresgamdisplay60805146916&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22654085702&dfp=0%2C1&la=22654085702&zMoatW=300&zMoatH=250&zMoatVGUID=8f142a81-aa57-46b5-a511-4b5255ba16a8&zMoatSN=a&zMoatSL=mpu-plus-top%3FLL%7CT-1000&zMoatMMV=waiting&zMoatMMV_MAX=waiting&zMoatMGV=waiting&zMoatMSafety=waiting&zMoatMData=waiting&zMoatSlotId=mpu-plus-top&zMoatCURL=zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations&zMoatDev=Desktop&zMoatDfpSlotId=mpu-plus-top&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jk=5&jm=-1&tz=mpu-plus-top&iq=waiting&tt=waiting&tu=waiting&tp=waiting&tc=0&fs=197205&na=217072928&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.1.154 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-1-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:45 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 23 Feb 2022 18:26:45 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 16ms
15ms Image
image/gif 104.85.1.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22654085702&bd=undefined&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=middle&zMoatSZPS=300x250%20%7C%20middle&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&vb=6&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=REDVENTURES_GAM_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Fd%2BHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-axhMBihjE1CFgA%3D%3D&sc=1&os=1-JA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=3&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations%2F&id=1&ii=4&f=0&j=&t=1645640799466&de=502470418992&cu=1645640799466&m=5719&ar=64537839394-clean&iw=38967c59&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3601&le=1&lf=0&lg=1&lh=18&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=55&vx=55%3A55%3A-&pe=1%3A406%3A406%3A1449%3A383&as=1&ag=5082&an=1258&gf=0&gg=0&ix=0&ic=0&ez=1&ck=1056&kw=874&aj=1&pg=55&pf=55&ib=1&cc=1&bw=5082&bx=1258&ci=1056&jz=874&dj=1&aa=1&ad=4954&cn=1130&gk=0&gl=0&ik=0&co=1130&cp=1075&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4900&cd=1075&ah=4900&am=1075&xd=00&rf=0&re=1&ft=4954&fv=1130&fw=928&wb=1&cl=0&at=0&d=5119226536%3A2971103685%3A5893577926%3A138379103758&gw=redventuresgamdisplay60805146916&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22654085702&dfp=0%2C1&la=22654085702&zMoatW=300&zMoatH=250&zMoatVGUID=8f142a81-aa57-46b5-a511-4b5255ba16a8&zMoatSN=a&zMoatSL=mpu-middle%3FLL%7CT-1000&zMoatMMV=waiting&zMoatMMV_MAX=waiting&zMoatMGV=waiting&zMoatMSafety=waiting&zMoatMData=waiting&zMoatSlotId=mpu-middle&zMoatCURL=zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations&zMoatDev=Desktop&zMoatDfpSlotId=mpu-middle&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&ti=0&ih=1&jk=4&jm=-1&tz=mpu-middle&iq=waiting&tt=waiting&tu=waiting&tp=waiting&tc=0&fs=197205&na=567241155&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.1.154 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-1-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:45 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 23 Feb 2022 18:26:45 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 21ms
20ms Image
image/gif 104.85.1.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22654085702&bd=undefined&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=top&zMoatSZPS=300x250%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&vb=6&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=REDVENTURES_GAM_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Fd%2BHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-axhMBihjE1CFgA%3D%3D&sc=1&os=1-JA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=6&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations%2F&id=1&ii=4&f=0&j=&t=1645640799349&de=699476313125&cu=1645640799349&m=5870&ar=64537839394-clean&iw=38967c59&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3601&le=1&lf=0&lg=1&lh=26&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A406%3A406%3A1449%3A383&as=1&ag=5362&an=5160&gi=1&gf=5362&gg=5160&ix=5362&ic=5362&ez=1&ck=1132&kw=981&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5362&bx=5160&ci=1132&jz=981&dj=1&aa=1&ad=5201&cn=4999&gn=1&gk=5201&gl=4999&ik=5201&co=1177&cp=1182&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5210&cd=5009&ah=5210&am=5009&xd=00&rf=0&re=1&ft=4964&fv=4762&fw=734&wb=2&cl=0&at=0&d=5119226536%3A2971103685%3A5893577926%3A138379103758&gw=redventuresgamdisplay60805146916&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22654085702&dfp=0%2C1&la=22654085702&zMoatW=300&zMoatH=250&zMoatVGUID=8f142a81-aa57-46b5-a511-4b5255ba16a8&zMoatSN=a&zMoatSL=mpu-plus-top%3FLL%7CT-1000&zMoatMMV=waiting&zMoatMMV_MAX=waiting&zMoatMGV=waiting&zMoatMSafety=waiting&zMoatMData=waiting&zMoatSlotId=mpu-plus-top&zMoatCURL=zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations&zMoatDev=Desktop&zMoatDfpSlotId=mpu-plus-top&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jk=5&jm=-1&tz=mpu-plus-top&iq=waiting&tt=waiting&tu=waiting&tp=waiting&tc=0&fs=197205&na=1451360083&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.1.154 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-1-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:45 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 23 Feb 2022 18:26:45 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 16ms
15ms Image
image/gif 104.85.1.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=6&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=GOODWAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Fd%2BHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-axhMBihjE1CFgA%3D%3D&sc=1&os=1-JA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=5&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations%2F&id=1&ii=4&f=0&j=&t=1645640799556&de=270077423827&cu=1645640799556&m=5669&ar=944fd8091a1-clean&iw=74ec1ce&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3601&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A406%3A406%3A1449%3A383&as=1&ag=5069&an=1248&gi=1&gf=5069&gg=1248&ix=5069&ic=5069&ez=1&ck=1044&kw=865&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5069&bx=1248&ci=1044&jz=865&dj=1&aa=1&ad=4946&cn=1125&gn=1&gk=4946&gl=1125&ik=4946&co=1125&cp=1066&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4888&cd=1066&ah=4888&am=1066&xd=00&rf=0&re=1&ft=4946&fv=1125&fw=921&wb=2&cl=0&at=0&d=11581985%3A27087047%3A518143862%3A164679749&bo=7628188&bd=326145738&gw=goodway341003946512&zMoatOrigSlicer1=7628188&zMoatOrigSlicer2=326145738&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jm=-1&tc=0&fs=196859&na=425236618&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.1.154 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-1-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:45 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 23 Feb 2022 18:26:45 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 25ms
25ms Image
image/gif 104.85.1.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=6&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=GOODWAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Fd%2BHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-axhMBihjE1CFgA%3D%3D&sc=1&os=1-JA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=3&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations%2F&id=1&ii=4&f=0&j=&t=1645640799574&de=753323461406&cu=1645640799574&m=5654&ar=944fd8091a1-clean&iw=74ec1ce&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3601&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=55&vx=55%3A55%3A-&pe=1%3A406%3A406%3A1449%3A383&as=1&ag=5068&an=1246&gf=0&gg=0&ix=0&ic=0&ez=1&ck=1043&kw=866&aj=1&pg=55&pf=55&ib=1&cc=1&bw=5068&bx=1246&ci=1043&jz=866&dj=1&aa=1&ad=4944&cn=1122&gk=0&gl=0&ik=0&co=1122&cp=1069&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4893&cd=1069&ah=4893&am=1069&xd=00&rf=0&re=1&ft=4944&fv=1122&fw=919&wb=1&cl=0&at=0&d=11581985%3A27087047%3A518143862%3A164679749&bo=7628188&bd=326145738&gw=goodway341003946512&zMoatOrigSlicer1=7628188&zMoatOrigSlicer2=326145738&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&ti=0&ih=1&jm=-1&tc=0&fs=196859&na=523434154&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.1.154 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-1-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 18:26:45 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 23 Feb 2022 18:26:45 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/generate_204?ruHUlA

Verdicts & Comments Add Verdict or Comment

138 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations	1970-01-20 01:07:58	Name: pv Value: 1
www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations	1969-12-31 23:59:59	Name: zdnet_ad Value: %7B%22type%22%3A%22gpt%22%2C%22region%22%3A%22aw%22%2C%22subses%22%3A%223%22%2C%22session%22%3A%22a%22%7D
.zdnet.com/	1970-01-20 01:17:25	Name: fly_geo Value: {"countryCode": "de"}
.zdnet.com/	1970-01-20 01:17:25	Name: fly_device Value: desktop
.zdnet.com/	1969-12-31 23:59:59	Name: fly_preferred_edition Value: eu
.zdnet.com/	1969-12-31 23:59:59	Name: fly_default_edition Value: eu
www.zdnet.com/	1970-01-20 09:52:56	Name: _mfuuid_ Value: 9ff5abb3-047f-4d4b-bb46-aad569ee613d
.zdnet.com/	1970-01-20 09:52:56	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Wed+Feb+23+2022+18%3A26%3A38+GMT%2B0000+(GMT)&version=6.20.0&hosts=&consentId=e2190105-0052-4986-911c-0146b3963922&interactionCount=0&landingPath=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fvulnerability-found-in-wordpress-plugin-with-over-3-million-installations%2F&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0
.zdnet.com/	1970-01-20 01:50:32	Name: arrowImp Value: true
.zdnet.com/	1970-01-20 01:50:32	Name: arrowImpCnt Value: 1
.zdnet.com/	1969-12-31 23:59:59	Name: zdnetSessionStarted Value: true
.zdnet.com/	1970-01-20 01:50:32	Name: zdnetSessionCount Value: 1
.www.zdnet.com/	1970-01-20 18:38:32	Name: chsn_cnsnt Value: www.zdnet.com%3AC0001%2CC0002%2CC0003%2CC0004%2CC0005
.www.zdnet.com/	1970-01-20 18:38:32	Name: tglr_tenant_id Value: src_1kYsAcdpfzbZ8UlNLYht1RPg3m2
.www.zdnet.com/	1970-01-20 01:07:22	Name: tglr_transit_id Value: b4fd33e0-1811-47ae-83bf-8d2ab02eaee1
.www.zdnet.com/	1970-01-20 01:07:22	Name: tglr_sess_id Value: a29a8b94-6306-4204-80ab-2cfa1dc4f606
.www.zdnet.com/	1970-01-20 18:38:32	Name: tglr_sess_count Value: 1
.www.zdnet.com/	1970-01-20 01:07:22	Name: tglr_req Value: https://www.zdnet.com/article/vulnerability-found-in-wordpress-plugin-with-over-3-million-installations/
.www.zdnet.com/	1970-01-20 01:07:22	Name: tglr_ref Value:
.www.zdnet.com/	1970-01-20 18:38:32	Name: tglr_anon_id Value: 08d67bd6-9ed6-4d17-94d7-5f5e2c534fb3
.cohesionapps.com/	1970-01-20 18:38:32	Name: cohsn_xs_id Value: 128b6724-504c-4ef0-8414-b6bfdb90085a
.www.zdnet.com/	1970-01-20 18:38:32	Name: cohsn_xs_id Value: 128b6724-504c-4ef0-8414-b6bfdb90085a
www.zdnet.com/	1969-12-31 23:59:59	Name: viewGuid Value: 8f142a81-aa57-46b5-a511-4b5255ba16a8
.zdnet.com/	1970-01-20 01:17:25	Name: RT Value: "z=1&dm=zdnet.com&si=a04bc256-8482-4c42-aa97-9a9835bdd12e&ss=kzzw1hxo&sl=1&tt=14a&bcn=%2F%2F02179913.akstat.io%2F&ld=16n"
.doubleclick.net/	1970-01-20 10:28:56	Name: IDE Value: AHWqTUkf7iRz2EeTNUyaSlhiuCQecERUc7imEf-5y8XTTcSl-c8hJZ1-yNpaKVZIE4A
.zdnet.com/	1969-12-31 23:59:59	Name: fly_session Value: f30556f7fa7c587100bfe5e4f3da60aa
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: df72747375a9bc52
.adnxs.com/	1970-01-20 03:16:56	Name: uuid2 Value: 572490127397527481
.casalemedia.com/	1970-01-20 09:52:56	Name: CMID Value: YhZ8XwDrcEOJpIywHmrW1gAA
.casalemedia.com/	1970-01-20 03:16:56	Name: CMPS Value: 3270
.adnxs.com/	1970-01-20 03:16:56	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVVo8z']!]tbPl1M>e)ZlrFUfJ+tGXxpGQk[XQ<^Nuy::>AJ=?zIQTgp[m[82CV5cgm%3If)y3KL9D3I?+[Fgvws
.casalemedia.com/	1970-01-20 03:16:56	Name: CMPRO Value: 1139
.zdnet.com/	1970-01-20 10:28:56	Name: __gads Value: ID=81a39bf292fe7282:T=1645640798:S=ALNI_Maofz1wru5zoIVCLIeKUs5BoRAQWQ
.casalemedia.com/	1970-01-20 01:08:47	Name: CMST Value: YhZ8X2IWfGAA
.casalemedia.com/	1970-01-20 09:52:56	Name: CMRUM3 Value: 2d62167c602760CAESEACPRwSgg6ca3RR0Gx8zAYs

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' .zdnet.com .ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

01847585da75c10ab0b5882f9e077fa2.safeframe.googlesyndication.com
02179913.akstat.io
a.myfidevs.io
adservice.google.com
adservice.google.de
at.adtech.redventures.io
bam-cell.nr-data.net
c.go-mpulse.net
cdn.cohesionapps.com
cdn.cookielaw.org
cm.g.doubleclick.net
confiant-integrations.global.ssl.fastly.net
d86fbcb09213a5e4a283a0278b26b5b4.safeframe.googlesyndication.com
dsum-sec.casalemedia.com
fibrwiaaa3ybckqdl6aaacqaabrbm7c7-pmveju-da0b29dc2-clienttons-s.akamaihd.net
fonts.googleapis.com
fonts.gstatic.com
geo.moatads.com
geolocation.onetrust.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
ingest.make.rvapps.io
js-agent.newrelic.com
mb.moatads.com
pagead2.googlesyndication.com
protected-by.clarium.io
px.moatads.com
redventuresgamdisplay60805146916.s.moatpixel.com
redventuresgamheader644747280705.s.moatpixel.com
s0.2mdn.net
securepubads.g.doubleclick.net
static.myfinance.com
taggy.cohesionapps.com
tpc.googlesyndication.com
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
urs.zdnet.com
www.google.com
www.googletagservices.com
www.myfinance.com
www.zdnet.com
xhkzxjiccbv4eyqwprpq-pmveju-22b4b62e0-clientnsv4-s.akamaihd.net
z.moatads.com
tpc.googlesyndication.com
104.107.161.172
104.85.0.246
104.85.1.154
142.250.181.226
142.250.185.194
151.101.130.154
151.101.2.137
151.101.65.194
162.247.243.146
172.217.18.98
18.195.177.132
184.87.213.172
2.16.107.194
2606:4700:10::6814:b944
2606:4700::6810:9440
2a00:1450:4001:808::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:828::2006
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:830::200a
2a02:26f0:7100:199::11a6
2a02:26f0:7100:59a::11a6
2a03:5f80:a::b212:e7c1
2a03:5f80:a::b212:e7d0
2a04:4e42:4d::666
2a06:98c1:3120::7
2a06:98c1:3121::7
34.120.203.121
34.206.8.109
34.246.74.180
37.252.172.250
52.31.222.185
54.156.82.16
54.166.33.211
99.86.4.6
00d926e9c5723dfe924fcaecc5f2e1c019eeaf6a492c6cdb99fafbe3b79bed0d
01c254205edb3dab76d3bcdb9e37fc8687db6fb61d266cbba48a346290969070
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0f23aaa9d0fec5942a9907b88ad801ff3eff3abede69bf286d869061201c67fe
12717f96c61a500136a8564d666db9b960869a71dd3176a438b53fb08be5c7bb
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
134482ec36c8980c2c7a3f2454c76546abcd612c9ae596d011251a7cd1d0fcbb
1417ef8a900183e770d8aa2e7156bf4b91db720b245175988779cd6100d94246
151a9f98e0c7df8e9b67b6fe95c4ae444b130c017de3453ee631c2aeda1fe314
1a703d617fb31d56238372d5bf78e9861b3a09b7447a0184bd5f1c178461ed12
1e638848d7db68fe47336fd80131e324ff4b5ae9b005e251c2bce43f1affc321
1ee8e0976dd2573237ad94a3e213715084ddec16b20e77c8e43de5e89f9ef052
20dbfa98265fd196038a8e09c01d713520f750afca175225abae45367be17d90
21b9ea78297afce3e74a7b83d33b9d076391d88b4f87e81ed8748d893f1061eb
21c9c7889404394d4e4c780022b56b5fa39e83b19c34eb0508561a115a1dcc6a
279138401346858eae76bd6cc799ff025deba500d6d17cda4f4c5d6bb469cdd8
2818d836e23d0f07d75eff14cdcf47ac7667a229de861b027cd67abcf3ee85fc
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
295c66c14524b77dd1271317457dec037b5ef0943da346b9b73681e54da826e0
31b2a8a81e231a983806e65dffe1ee16c27dc7f4c23d3ae9abaa4a58ce7518cf
322eba4b7b20cbc3fbcdff98200769a8c844ff222e198cc05b011d420a3eb4df
37b3ebaceec5f1a6d14f250f18f81205aedfe32413b0b1656cc830c19e617a00
3c591927cc6254cd17a33c78e3293b8456851a88c736b300647f7d263dd31740
3fa79fbb07dbab48edb1f44dad67d6df9f0e0f6e820e6877c86d83b60c3c1863
41b41054221f9790b0e811de4ce9cf3698de3ed02b2d6cabdfa854376a8e7f29
41f332a76d3e7508a6fc9c571d5820f2693054d41a1a3fe2f03e21b4bf3005ba
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
4b4dad418b5d4b434b71820310e18a9f6f00a31b86d72d3e811f40edc3de194f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
5004fc32cc4c3bb0f34d6b5fdb1d61faeb6e71b7cc37b729b7a21d51a1add436
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5298f06fd72db24361757504ca5b18585b51de1ba9f94934556e3a44460b4f6b
55512fd4729d1dc0eaff22a32c9d3df4f92bddc8d176854930ead03810c56b9e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
562ec00fa7e1a22ed4ef64be7f21657b69451746bf5b0be7ba8f1da330ca1c1e
572996a781ef84028e29a85bbf1cb0297990af40aa4b8c31d3e792d27aeba5d7
576649254a2390013960a896c18a4424fe5d5f7ed62d1d129873ef0aa0e62282
5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53
5e21374e28af917d507a00214c9c6a17242e1205793510f7f112b21b56b8d1ff
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63748161559eaa06635bc2eb316897d778b5971b64f8fc645a1555d68b15e5e7
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
68c74f997015e5f4909ac3f793dd3c8c0d71587ce9acee281b3ae9decda87814
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
6b64ea0d1dc21b5d9f3524b2373eafb321c72dcfaba13f8326b52a9faee1754a
6de2d1e32cf8dae82612984f83cd078fda5bd9272c98851248b0ae9f6e41bd79
72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4
7898d0bff6f92e917be0491b91f39bac554d172f43a3e53722e25a7859f70db1
78ea6d7806beda2d76bb7d9abb14b034ad476a897376c270aefcf40a2f49316c
7f1639eeb6e3eb3e2de52c35e650ac2fe53ea34ee8e8cac73807facad51e9b7f
7fa1c7b1686f9f116183456c39f7b3ed9cce063cfb428e575fe4a29ae05c4fa6
80df80639eff50b28f33ab6354c5f7448973e4f47c47fe0c3813c7dea361a7c8
8156ede940a7b01afa5cae444653d91bef270e00e0d6f191bf131a19988c7828
8296d2d75356bf38a062a91f864313e8b7dcbf7544a4ed2ac2f4c458e02e26bf
82f947d14a0a198dfe3cec2fde7896f6e332eb798cc193dad8da9ed2225277cd
86d53b4ea06415ee2db4a16035ec4a9d8066fe766d32bf176e0bfe8a9debca53
87e4be9904c7a7dc6b6631cd87aa836df597005621d5acf4557a4bcef4f9ecf1
88b8a3cb9df436d6910440c58428516accee080be4fa556d3cf10ec6905cf1b9
8a408c0699db7168c60ec228474b529a1ced78d15b3704d1c2c1eb012dc59581
8bdeaac3a9979f54f020c6859c22f07dce1a1168233708981bc6f6143a2c5712
91cd78495ea807ddca95bbf0372b143f9c3b311f9802420ce2d86bf0eda0f9ca
95783bf43b78701a92daf5ec7268db97c7144599c774821126b8cc5396724bfa
9b7909cb9edd007095b41a13617b66208e4210fff9c5e411a7db116efefc8e71
9edf18bbfef634560679ad06feed2b79fa44760b9df8e54e838b325203ec3ec8
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a077f818dfd0e11e2c35548ec84b90b32641a285a61f363104fa5238d6affbe3
a0a97a5a7dc2b30e9a76ff211332f36d435293c19ed91ca1ad6a66adc1dc50cd
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7022891f72d988b7560aaefd0f9742c19ec202d788d25a63754d541de26e238
a70d5b9ad136255942779acf94da5cc72316fde5c10c5e7707d6f1888f43dcb8
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8dfc2b478db541200122973cc2f9a95629db3db0348a04f46bd76e35750fff1
afac3a301d848688d0748228296ec7ae26369f67c2df29f3f480ef3ab0bc6ef9
b007743d5735df9c1d4e4c788b122e20727c31b1ee89906df459cd8efb383c9c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3575c98b2e9b9a6064d4a9d8732a550873f84100ef10b4d7d9b9144faccbb38
b3f21d860a12ff8722e06543d4db455ed274509d6648b9197c1956fa171e8732
b61c6d0eab48f8228bb5336346cad254eafd45a43b1a8976c2d73f7df8d0d8cc
ba69d3ef83d19bf1c7aa193c305b7f413d46d5a7e60e8d8d23f2ab38d14a071b
bb3661ac37cbb213b64eb600c7c30da647babd9a2b2ffdbe5f30830fcebe2cc4
beab425afd7208430f689788e9b03241b9ba6aee18bc592612246f2f5dbbccfb
c1c0dcd4b55543761efc3938f9629dff76dadbd325d991207ff5e4c4acc569c8
c26b8bad9db974b743c9dffe78b1dcc93bff87eb414abd2b8d110b3280bbdca2
c50d5d10df377bd960648973b53891bfcaf48f457503eed023ad2c29f28e49b2
c7d28383592e5a347b19a4c76904c46a860500694283ea50bf46b3a4458b3329
c83de3876b70820a0a835648010dc49a5600d6c3dd65f1a1e19ff44d33663083
c8d24a7db903318b3b6dc6ef239b5c38339dc0deea956f031963381e96996657
cd0401cea03c54b6ec4338c0f1d9c20f159858a7ad987d60443027e29c55ff11
ce7b67ce0d27a89485ffdbb4cc7a5bcd70c0d18e2b0b69c81e9445601875910e
cf10bcbc2156c4908bf62af9b648d460c61c7d9196a34db7aeb485353424b2b6
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d085b1e5c8f2ecb1040648446b0ebc4a5733ce2272dd40a37c9e5871010656cd
d44b84e0471d9d1ac53ce061c9becfa720931b7364c7b55a6325d03859781782
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
dd2d8d288526b88b0eae53168e31b4092acf39ed38d40ffcbc6d0ab2f7a4aa66
de84481ef689217d382563817adc5a2848c296565721097690dd23833568741c
dec0ce43402242a33abf43eb63cef39e26dddff54fc853cb35d0297fc609109b
dfd272053c730cd470302af475eb401d9be41c81f0081c20d7910f6c12732c9d
e11aa620f3a3d4eaa3c74339edb5885972f7c031dc83e92073bb4d91af311a02
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d87fb2f74eabfc35ffcd2a35fef2043226e56ef9faecebca8cf35f7fcd5953
e485e709a41704ecb4f5c7b8a43b79f8fae9eb048257b50accfc9c9e20838816
e754726ab5b208bfdbfd32c91627cd65a39a7380196a9d7c3242fe693265e33e
ea7373d7059ab32d4304249b48a91311f91d2dce5e1ebf10450f33f9a8c5f5ec
eaf765d314b24473895a9ece61135d31023528c3b65129051b2c5a471d780604
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f22199bae8b8829f81d8838b76a9a97c5817a477e25105aebe4397d198e89856
f3e2e0f12c5badfe408d69bf6c0fa9ce6247f9a45c849851a53b8647637cfcd0
f9fae4789fb8436574a0894e7c918cd97da2e2667d4bee19af89ada69409298c
fb7a86f12d2f0ac2f4111c147415ab30f9c7d84c5e15faba3875fce7ce590127
fd9308db31181fde13aca740757dcb439baf71d731011a87da483a28faae444f
ff2ae991ac0efdb5ae8b4428ba8555a0aeb0fd94b8014ce290c484242c524097

www.zdnet.com Open in urlscan Pro 2a04:4e42:4d::666 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

241 Requests

97 %HTTPS

46 %IPv6

27 Domains

44 Subdomains

39 IPs

6 Countries

3014 kBTransfer

9003 kBSize

35 Cookies

18 Outgoing links

Redirected requests

241 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.zdnet.com Open in urlscan Pro
2a04:4e42:4d::666 Public Scan

Screenshot
Live screenshot

Full Image

241
Requests

97 %
HTTPS

46 %
IPv6

27
Domains

44
Subdomains

39
IPs

6
Countries

3014 kB
Transfer

9003 kB
Size

35
Cookies

241 HTTP transactions
8 data transactions